Subscribe to our newsletter sign up
1 in 5 cyber incidents come from within

Website Notifications

Get notifications in real-time for staying up to date with content that matters to you.

1 in 5 cyber incidents come from within

Bryan Sartin

Businesses face a significant cyber threat from within their own ranks, according to a new report, which found that one in five cyber “incidents” and 15 per cent of all data breaches are caused internally.

The Verizon 2018 Data Breach Investigations report investigated 53,000 incidents and 2,216 data breaches from 67 organisations in 65 countries around the world, which revealed the extent of cyber incidents that occur from someone operating within the organisation.

Financial gain was found to be the motive for almost half (47.8 per cent) of those responsible. More disturbingly, almost one in four (23.4 per cent) were done for “pure fun”.

The findings led Verizon’s executive director for security professional services Bryan Sartin to declare that, “for far too long, data breaches and cyber security incidents caused by insiders have been pushed aside and not taken seriously”.

“Often they are treated as an embarrassment or just an issue for human resource departments,” he said.

“This has to change. Cyber threats do not just originate from external sources, and to fight cyber crime in its entirety, we also need to focus on the threats that lie within an organisation’s walls.”


Employers should be alert to five “insider personalities”, according to Verizon, in order to keep on top of data risks.

Those personalities are:

  • The careless worker – Inappropriate rather than malicious.
  • The inside agent – Employees recruited, solicited or bribed by external parties to provide sensitive data.
  • The disgruntled employee – Those who seek to harm their employer.
  • The malicious insider – Using access for personal gain.
  • The feckless third-party – Business partners compromising security through negligence, misuse or malicious access.

“Detecting and mitigating insider threats requires a different approach compared to hunting for external threats,” Mr Sartin said.

He urged business leaders to get up to speed with what their digital assets are and who has access to them, in order to determine and hence mitigate the risk of damage.

Interested in the issues shaping the in-house legal landscape? Don’t miss your chance to hear from local and global in-house legal powerhouses at the 2019 Corporate Counsel Summit!

Emma Ryan

Emma Ryan

Emma Ryan is the editor of Lawyers Weekly at Momentum Media.

Emma has worked for Momentum Media since 2015, and has been responsible for breaking some of the biggest stories in corporate Australia. She also directs the content for Lawyers Weekly's stable of events, including the Australian Law Awards, the Women in Law Awards and the Boutique Law Summit. 

A journalist by training, Emma has spent her career connecting with audiences across a variety of platforms, including online, podcast and radio.

She graduated from Charles Sturt University with a Bachelor of Communications (Journalism). 

You can email Emma on: This email address is being protected from spambots. You need JavaScript enabled to view it. 

Recommended by Spike Native Network