Casual Employee Attitudes Equal Security Risks; Healthcare Joins Manufacturing as Industry Plagued by Insider Threats
Symphony Communication Services released the results of its Symphony Workplace Confidential Survey, which examined the growth of new collaboration tools and platforms entering the workplace. The findings highlight a worryingly casual attitude to workplace communications that pose a threat to businesses.
“The way we work is changing,” states Jonathan Christensen, Chief Experience Officer at Symphony. “Collaboration platforms and other innovations bring positive improvements that enable more flexibility and better work-life balance. But a more casual approach to workplace communications, and digital habits in general presents major security risks. Employees won’t keep secure practices on their own, and employers must consider how they will secure workforce communication over messaging and collaboration tools, just like they did with email.”
Healthcare joins manufacturing as one of the top industries plagued by insider threats and user negligence. The Vectra 2019 Spotlight Report on Healthcare found that internal human error and misuse – rather than ransomware – represent the most prevalent security threat. In addition, a growing number of errors are the result of unmanaged devices and lateral movement of device-to-device communication.
"Data is moving in and out of hospitals very freely and they're very unsegmented," says Chris Morales, head of security analytics at Vectra and principal author of the report.
Endpoint agents, meanwhile, can help with basic tasks for security, says Morales. "You need visibility inside the network to see, not what attackers are doing, but just what's happening."
Get the full report here.
A three-pronged, whole-of-government effort is underway to protect private organizations from cyber attacks. Using key learnings from the public sector, the FBI is working to help companies understand critical threats and how they should respond if attacked – with the hope of keeping nation states, insider threats and other bad actors from causing similar incidents in the private sector.