cybersecurity: Security violations by employees as harmful as hacking: Report
Employee violations of an organisation’s information security policies are as dangerous as external hacker attacks, a report warned on Friday.
![]()
In terms of individual employee behaviour, the most common problem is that employees deliberately do what is forbidden and, conversely, they fail to perform what’s required.
Elevate Your Tech Prowess with High-Value Skill Courses
| Offering College | Course | Website |
|---|---|---|
| MIT | MIT Technology Leadership and Innovation | Visit |
| IIT Delhi | IITD Certificate Programme in Data Science & Machine Learning | Visit |
| Northwestern University | Kellogg Post Graduate Certificate in Product Management | Visit |
In the last two years, 33 per cent of cyber incidents in businesses in Asia Pacific (APAC) occurred due to employees intentionally violating security protocol, according to the report by cyber-security firm Kaspersky.
A quarter (35 per cent) of cyber incidents in the last two years occurred due to the use of weak passwords or failure to change them in a timely manner. This is 10 per cent higher than the global result of 25 per cent.
“It is alarming to see that despite the several headline-grabbing data breaches and ransomware attacks that happened in the region this year, a lot of employees continue to intentionally breach basic information security policies,” said Adrian Hia, Managing Director for Asia Pacific at Kaspersky.
A multi-department approach to build a strong enterprise cybersecurity culture is urgently needed to address this human-factor gap that is definitely being exploited by cybercriminals, Hia advised.
Discover the stories of your interest
Respondents from organisations in APAC claimed that intentional actions to break the cybersecurity rules were made by both non-IT and IT employees in the last two years.They said policy violations such as these by senior IT security officers caused 16 per cent of the cyber incidents in the last two years, 4 per cent higher than the global average.
Other IT professionals and their non-IT colleagues brought about 15 per cent and 12 per cent of cyber incidents, respectively, when they breached security protocols.
Another cause of almost one third (32 per cent) of cybersecurity breaches were the result of staff in APAC visiting unsecured websites.
Another 25 per cent reported they faced cyber incidents because employees did not update the system software or applications when it was required.
Using unsolicited services or devices is another major contributor to intentional information security policy violations, said the report.
Stay on top of technology and startup news that matters. Subscribe to our daily newsletter for the latest and must-read tech news, delivered straight to your inbox.
Employee violations of an organisation’s information security policies are as dangerous as external hacker attacks, a report warned on Friday.
![]()
In terms of individual employee behaviour, the most common problem is that employees deliberately do what is forbidden and, conversely, they fail to perform what’s required.
Elevate Your Tech Prowess with High-Value Skill Courses
| Offering College | Course | Website |
|---|---|---|
| MIT | MIT Technology Leadership and Innovation | Visit |
| IIT Delhi | IITD Certificate Programme in Data Science & Machine Learning | Visit |
| Northwestern University | Kellogg Post Graduate Certificate in Product Management | Visit |
In the last two years, 33 per cent of cyber incidents in businesses in Asia Pacific (APAC) occurred due to employees intentionally violating security protocol, according to the report by cyber-security firm Kaspersky.
A quarter (35 per cent) of cyber incidents in the last two years occurred due to the use of weak passwords or failure to change them in a timely manner. This is 10 per cent higher than the global result of 25 per cent.
“It is alarming to see that despite the several headline-grabbing data breaches and ransomware attacks that happened in the region this year, a lot of employees continue to intentionally breach basic information security policies,” said Adrian Hia, Managing Director for Asia Pacific at Kaspersky.
A multi-department approach to build a strong enterprise cybersecurity culture is urgently needed to address this human-factor gap that is definitely being exploited by cybercriminals, Hia advised.
Discover the stories of your interest
Respondents from organisations in APAC claimed that intentional actions to break the cybersecurity rules were made by both non-IT and IT employees in the last two years.They said policy violations such as these by senior IT security officers caused 16 per cent of the cyber incidents in the last two years, 4 per cent higher than the global average.
Other IT professionals and their non-IT colleagues brought about 15 per cent and 12 per cent of cyber incidents, respectively, when they breached security protocols.
Another cause of almost one third (32 per cent) of cybersecurity breaches were the result of staff in APAC visiting unsecured websites.
Another 25 per cent reported they faced cyber incidents because employees did not update the system software or applications when it was required.
Using unsolicited services or devices is another major contributor to intentional information security policy violations, said the report.
Stay on top of technology and startup news that matters. Subscribe to our daily newsletter for the latest and must-read tech news, delivered straight to your inbox.
Denial of responsibility! Techno Blender is an automatic aggregator of the all world’s media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials, please contact us by email – [email protected]. The content will be deleted within 24 hours.