"Critical Infrastructure Firms Concerned Over Insider Threat"
Security researchers at Bridewell Consulting have discovered that over a third (35%) of critical national infrastructure (CNI) security leaders believe the economic downturn is forcing employees to turn to data theft and sabotage. The researchers polled 1025 individuals with responsibility for cybersecurity in UK and US CNI firms across the communications, utilities, finance, government, transport, and aviation sectors. The researchers stated that many believe the cost-of-living crisis may be driving insiders at these firms to do the bidding of cybercrime groups in return for a big pay-off. Their suspicions are backed by hard evidence: the financial services sector was hit worse than any other industry sector studied. The researchers noted that organizations in the vertical suffered, on average, 28 security incidents caused by employee sabotage over the previous 12 months, as well as 28 instances of data theft or misuse. Overall, the number of employee sabotage incidents at CNI firms surged by 62% year-on-year. The researchers stated that challenging economic conditions are also putting pressure on CNI firms in other ways. Almost two-thirds (65%) of UK respondents said they had seen “some reduction” or a “significant reduction” in their cybersecurity budget, rising to 73% of US respondents. The communications sector has been impacted the least by these cuts, with almost half (48%) claiming to have seen no change in security budgets. At the other end of the spectrum, the transport and aviation (73%) and utilities sectors (69%) experienced the greatest falls. The researchers noted that the utilities sectors also include energy, oil, and gas companies.
Infosecurity reports: "Critical Infrastructure Firms Concerned Over Insider Threat"