Analytics
11/23/2009
06:17 PM
Connect Directly
RSS
E-Mail
50%
50%
Repost This

Employees Willing To Steal Data; Companies On The Alert

Separate studies offer a scary glimpse into the minds of employees, management

Employees know it's illegal to steal company data, but they're prepared to do it anyway. Companies know their employees are a chief threat to their data, but most aren't doing much about it.

These are the takeaways from two separate studies published today by security vendors Cyber-Ark and Actimize. Taken together, the studies paint a sobering picture of the state of trust and security within the corporate walls.

In its study, Cyber-Ark surveyed some 600 workers in the financial districts of New York and London and found that most workers are not shy about taking work home -- and keeping it for their own use.

Eighty-five percent of the respondents to the Cyber-Ark survey said they know it is illegal to download company data for personal use, but 41 percent said they already have taken sensitive data with them to a new position. About a third of respondents said they would share sensitive information with friends or family in order to help them land a job.

Almost half of the respondents (48 percent) admitted if they were fired tomorrow they would take company information with them, Cyber-Ark says. Thirty-nine percent of people would download company/competitive information if they got wind that their job were at risk. A quarter of workers said the recession has made them feel less loyal toward their employers.

Of those who plan to take competitive or sensitive corporate data, 64 percent said they would do so "just in case" the data might prove useful or advantageous in the future. Twenty-seven percent said they would use the data to negotiate their new position, while 20 percent plan to use it as a tool in their new job.

Customer and contact lists were the top priority for employees to steal, registering 29 percent of the respondents. Plans and proposals were next (18 percent), with product information bringing up the rear (11 percent). Thirteen percent of savvy thieves said they would take access and password codes so they could get into the network once they've left the company and continue downloading information and accessing data.

According to the second study, which was compiled by security vendor Actimize, most companies know about the threat from employess and are worried about it.

Eighty-two percent of those surveyed, approximately a quarter more than in 2007, see the threat of employee fraud growing, and 78 percent see the employee fraud problem increasing due to the slower economy.

The Actimize study, which was conducted by third-party firm Infosurv, found more than 69 percent of respondents view full-time employees as the highest risk segment -- seven to 14 times more risky than part-time, offshore, outsourced, or temporary employees.

The respondents to the Actimize survey, who all came from the financial services industry, are increasingly alarmed with employee sabotage, Actimize said. Seventy-two percent of respondents stated they are moderately to extremely concerned that laid-off or disgruntled employees will plant malicious software scripts or destroy company property.

Eighty-four percent of the financial respondents said the industry is likely to experience a rogue trading loss of more than $100 million in the next 12 months, as it did last year at Societe Generale.

While fears of insider threat run high, however, many companies appear to be at a loss as to what to do about it. Sixty-seven percent of those surveyed think a half or less of employee fraud cases are actually caught. When ranking top ways they uncover employee fraud, 34 percent admitted they discovered the fraud "accidentally."

More than three-quarters of respondents said the nature of employee fraud is becoming more sophisticated, yet less than 30 percent use the latest generation of tools to protect against employee fraud, Actimize said. This is actually a significant improvement from 2007, when only 8 percent used the latest generation of technologies to combat employee fraud.

Fifty-eight percent of respondents rated the financial industry's ability to detect employee fraud as "poor" or "somewhat acceptable," which is also a noticeable improvement from 2007.

"As the research shows, regardless of the direction the economy takes in the near future, financial institutions are expected to be increasingly concerned about the threat of criminal employee behavior," said Paul Henninger, head of the financial crimes product group at Actimize. "Luckily, there is evidence that the industry is improving its ability to investigate and catch employee fraud."

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message. Tim Wilson is Editor in Chief and co-founder of Dark Reading.com, UBM Tech's online community for information security professionals. He is responsible for managing the site, assigning and editing content, and writing breaking news stories. Wilson has been recognized as one ... View Full Bio

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Latest Comment: LOL.
Current Issue
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-6212
Published: 2014-04-19
Unspecified vulnerability in HP Database and Middleware Automation 10.0, 10.01, 10.10, and 10.20 before 10.20.100 allows remote authenticated users to obtain sensitive information via unknown vectors.

CVE-2013-6213
Published: 2014-04-19
Unspecified vulnerability in Virtual User Generator in HP LoadRunner before 11.52 Patch 1 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1833.

CVE-2013-6214
Published: 2014-04-19
Unspecified vulnerability in the Integration Service in HP Universal Configuration Management Database 9.05, 10.01, and 10.10 allows remote authenticated users to obtain sensitive information via unknown vectors, aka ZDI-CAN-2042.

CVE-2013-6215
Published: 2014-04-19
Unspecified vulnerability in the Integration Service in HP Universal Configuration Management Database 10.01 and 10.10 allows remote authenticated users to execute arbitrary code via unknown vectors, aka ZDI-CAN-1977.

CVE-2013-6218
Published: 2014-04-19
Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x, 9.1x, and 9.2x allows remote attackers to execute arbitrary code via unknown vectors.

Best of the Web