IBM used information from over 8,000 of their clients’ devices, which revealed that although 55.5% of such attacks were not malicious, 44.5% were.
15.5% of the insider attacks were done inadvertently, meaning that someone at the company mistakenly allowed an attacker access to the network. That figure has dropped from 2014, which suggests companies are doing a better job educating and communicating how insiders could help reduce cybercrime.
IBM defined an insider as anyone who has physical or remote access to a company’s assets, although this would often be an employee, it can also mean business partners or maintenance contractors.
IBM added that insiders may also be aware of the company’s weaknesses and thus exploit them more effectively than an outside agent might be able to.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now