Industry News

Employees reported as highest security risk, research shows

Top executives have reported growth in fraud, cyber and security incidents in 2016, Kroll’s 2016/2017 global fraud and risk report says.

Cyber events have become most prevalent of the three, with 85 percent confirming an episode in the past year. Some 33 percent of companies examined experienced a virus or worm infection, while 26 percent dealt with phishing attacks.

Employees, whether current, former or temporary, are the weakest link in spite of common belief that external attacks are more common, said 60 percent of respondents, while junior staff were to blame in 39 percent of incidents.

“This ‘human factor’ is equally important in prevention as it is in investigation,” says Tommy Helsby, Co-Chairman, Investigations and Disputes at Kroll. “In cyber security, for example, a purely technical approach offers false comfort: It can only be as good as the people who are using it, whatever the salesman tells you. Where sophisticated cyber security systems can help is in limiting and mitigating the damage if (or perhaps when) there is a problem. Human behavior must be addressed first. For businesses that operate multi-nationally, a one-size-fits-all policy and procedures manual may be so dysfunctional as to provide the same sort of false comfort.”

The good part of an inside job is companies can better manage risk exposure as they could have more control over the problem by discovering it early on in the investigation. However, their reputation may be greatly affected if it’s an inside job, implying their strategy is weak and risk mitigation efforts are inefficient. Whistle-blowing programs and internal audits have proven the most useful in detecting insider fraud.

As a result of cyber incidents, 23 percent of respondents lost customer or employee data in a breach and 19 percent lost information related to research and development, trade secrets and intellectual property.

The research, carried out by Forrester in July and August 2016, is based on ten detailed interviews and an online survey with 545 senior executives from major geographical regions and various industries.

About the author


From a young age, Luana knew she wanted to become a writer. After having addressed topics such as NFC, startups, and tech innovation, she has now shifted focus to internet security, with a keen interest in smart homes and IoT threats. Luana is a supporter of women in tech and has a passion for entrepreneurship, technology, and startup culture.