One in three data breaches in 2021 will come from insider incidents, according to new research from market analysts Forrester.
Forrester predicts the proportion of data breaches from insider incidents will rise from 25% currently due to changes brought about by the Covid-19 pandemic.
Following the pandemic’s disruption, the report estimates that remote work will rise to 300% of pre-COVID levels, with at least 21% of US information workers working primarily from home, compared with 7% in 2019.
The report states, “In 2021, we will begin to see contours of the new economic, social, and cultural orders forged in the crucible of the COVID-19 pandemic,” but firms will have to learn how to manoeuvre these changes and adapt if they are to remain competitive.
The report recommends CISOs’ focus post-pandemic, as well as that of security and risk leaders, will be to monitor three crucial factors that will lead to a rise in insider attacks:
- The rapid push of users, including some outside of companies’ typical security controls, to remote work as a result of the COVID-19 pandemic
- Employees’ job insecurity
- The increased ease of moving stolen company data
These factors combined will produce an increase of 8 percentage points in insider incidents, according to the study. Additionally, the report suggests that the number of insider attacks will likely rise further as companies learn to identify and attribute insider threats with insider activity.
“Leading CISOs will put a greater focus on insider threat defense while emphasizing improved employee experience — not treating users like machines — to avoid turning employees into malicious insiders. Considerations for employees’ privacy, company culture, and local standards for lawful, fair, and acceptable labor practices are key to the success of your insider threat program,” the report adds.