Information Security News mailing list archives
Most corporate risk due to just 1% of employees
From: InfoSec News <alerts () infosecnews org>
Date: Thu, 27 Aug 2015 10:23:17 +0000 (UTC)
http://www.csoonline.com/article/2975914/application-security/most-corporate-risk-due-to-just-1-of-employees.html By Maria Korolov CSO Aug 26, 2015Just 1 percent of employees are responsible for 75 percent of cloud-related enterprise security risk, and companies can dramatically reduce their exposure at very little additional cost by paying extra attention to these users.
According to newly-released research by CloudLock, which analyzed the behavior of 10 million users during the second quarter of this year, these users are sending out plain-text passwords, sharing files, accidentally downloading malware, clicking on phishing links, using risky applications, reusing passwords, and engaging in other types of dangerous behaviors.
These users include both rank-and-file employees as well as super-privileged users, software architects, and non-human accounts used to perform automated tasks.
According to the most recent Verizon data breach report, the two biggest attack vectors, responsible for more than two-thirds of all breaches last year, involved stolen credentials or phishing.
[...] -- Evident.io - Continuous Cloud Security for AWS. Identify and mitigate risks in 5 minutes or less. Sign up for a free trial @ https://evident.io/
Current thread:
- Most corporate risk due to just 1% of employees InfoSec News (Aug 27)