Employee error diminishes IT productivity and causes more problems than intentionally malicious acts, costing US firms as much as $1.5m in time wasted responding to incidents, according to Raytheon.
The defense contractor, which acquired security vendor Websense in April, commissioned the Ponemon Institute to interview over 1000 IT professionals in the US and Germany for its report: The Unintentional Insider Risk in United States and German Organizations.
Some 70% of US and 64% of German respondents claimed that more security incidents are caused by employee error than intentional/malicious acts.
IT staff spend on average nearly three hours each day dealing with security risks caused by negligent employees.
Issues associated with negligent employees include leaving confidential documents in plain view, sharing passwords, circumventing security procedures, falling for phishing scams, and transferring sensitive data to the public cloud without authority, according to the report.
In addition, 79% of US respondents claimed that multi-taskers are more likely to be careless. Those who work long hours were also flagged as posing a security risk.
“As the Ponemon study reveals, security incidents are caused by negligence which leads to a decrease in IT productivity,” said Raytheon-Websense president, Ed Hammersla in a statement.
“Workplace stress, multitasking, long hours and a lack of resources and budget are the biggest contributors to employee negligence. Having programs in place that include a mixture of training, policy and technology are vital to addressing insider threats before they become a major issue.”
The insider threat was highlighted in another report this week which claimed that employees would be prepared to sell corporate data if offered enough money.
A quarter of the 4000 staff members in Australia, the UK, US and Germany surveyed by Clearswift said they’d be prepared to hand over sensitive business information for £5000.
That figure rose to 35% when the monetary reward was upped to £50,000.
>> Find out more in our recent webinar on the negligent insiders topic, in association with Raytheon.