Study: Rogue Employees Are Top Concern For Security Pros

Insider threat tops list of worries for security pros; malware, unauthorized software also cause concern

Dark Reading Staff, Dark Reading

June 10, 2013

1 Min Read
Dark Reading logo in a gray background | Dark Reading

More than 40 percent of security professionals believe that rogue employees are the biggest threat to their organizations -- yet many organizations continue to leave the door open for insider attack, according to a new study.

In a survey conducted by Avecto at the recent Infosecurity Europe conference, 41 percent of security professionals rated malicious insiders as their chief worry.

At the same time, many security pros admit to allowing administrative privileges to go unmanaged, making organizations increasingly vulnerable to malware exploits and unauthorized software, according to the survey.

More than 30 percent of respondents said they have no policy in place for managing administrator access.

Another 31 percent of respondents cited malware exploits and targeted cyberattacks as their top security concerns. Eight percent deemed unauthorized software as a top organizational danger. All of these threats could be exacerbated by the shortage of controls over administrative rights, Avecto notes.

"In today's increasingly complex threat landscape, organizations are quickly learning that employees don't have to be malicious to put a company at risk," said Mark Austin, co-founder and CEO of Avecto. "The most common threat comes from employees who download and install unauthorized software, without understanding the potential risks associated with their actions.

"Users logging on with full administrator rights will continue to put organizations at real risk of infection, as the sophistication of malware and targeted attacks continues to evolve," Austin continued. "Unfortunately, organizations are still allowing administrator rights to go unmanaged, whether knowingly or unwittingly."

Have a comment on this story? Please click "Add a Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message.

About the Author

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights