
All news with #insider risk tag

38 articles

Detecting and Blocking Unsanctioned AI in the Enterprise

🔍 While many organizations intentionally deploy AI to improve productivity, unsanctioned AI is proliferating faster — employees install tools or vendors embed assistants into existing apps. The article defines four AI categories and maps specific detection techniques to each, covering DNS, web gateways/NGFW, EPP/EDR, application and browser controls, and SSPM/identity governance. It flags OAuth consent as a high-risk channel and summarizes admin steps for Microsoft Entra, Google Admin, Salesforce, and ServiceNow to block or restrict app access.

Most CISOs Would Consider Paying Ransoms to Recover

🔒 A new report from Absolute Security finds that 58% of CISOs would realistically consider paying a ransom to restore systems after a ransomware attack. US respondents were likelier to consider payment (63%) than UK peers (47%), with legal guidance, GDPR and doubts over recovery cited as reasons. Operational downtime was viewed as the most damaging impact. The report warns organizations to invest in resilience, infrastructure and governance to reduce reliance on ransom payments.

The Fake IT Worker Threat CISOs Must Address Urgently

🛡️ Hiring fraud has produced thousands of fake IT workers who gain trusted access and create serious insider risks. Companies such as Amazon report coordinated attempts tied to state actors, while researchers like SentinelOne and vendors observe AI-enabled deepfakes, synthetic identities and stolen US credentials used to pass recruitment checks. Organizations must treat remote hiring as an access-control problem: strengthen identity screening, enforce staged trust, and deploy continuous post-hire telemetry and behavioral detection.

Only 34% of Cyber Pros Plan to Stay With Employers

🔍 Only 34% of cybersecurity professionals plan to remain with their current employer, according to a survey of 500 respondents by IANS and Artico Search. The report finds that flexible work models, visible leadership support, and structured career development influence retention more than absolute pay. Hybrid schedules, mentorship, and modern tooling help reduce burnout and turnover.

Cyber Threat Literacy Tops Global People Risks 2026

🛡️ Marsh's 2026 People Risks report, compiled from interviews with over 4,500 HR and risk professionals across 26 markets, finds cyber-threat literacy is the top global people risk, with technological change, tech skills shortages and AI-related mindset barriers also ranking highly. The report highlights mishandling of data and low employee security awareness as persistent threats that can increase exposure to breaches and reputational damage. Marsh recommends reframing cyber risk to cover OT, HR and third-party systems, recruiting cyber talent, building a cyber-centric culture, reducing fatigue, and ensuring human oversight with robust governance and insurance cover.

CISOs Evolve into Enterprise Risk and Business Strategists

🔒 Nitin Raina’s move from IT operations to Thoughtworks’ global CISO and global head of enterprise risk illustrates a fast-growing trend: CISOs increasingly lead enterprise risk programs. Since 2020 Raina has built an ERM function that links strategic, operational, and cybersecurity risks through assessments, gap analyses, and controls. Industry reports show most CISOs now share accountability for operational business risk and are responsible for AI governance, making GRC and risk quantification central to executive and board trust.

CISOs Must Innovate to Retain Cybersecurity Talent

🔒 A new 2026 Cybersecurity Talent Report from IANS and Artico Search warns CISOs must be aggressive and innovative to retain staff amid a volatile jobs market. Based on interviews with over 500 US cybersecurity professionals, the study found only 34% plan to stay in their roles while 43% are considering a change, with turnover intent higher among senior staff. The report links job satisfaction to career progression, compensation movement and work-life balance, and highlights hybrid working and visible senior support as key retention drivers.

Employee Data Breaches Reach Seven-Year High in UK

🔒 New analysis from law firm Nockolds shows employee data breaches reported to the UK Information Commissioner’s Office reached 3,872 incidents in 2025, a 5% year‑on‑year increase and about 29% above the 2019 baseline of 3,010. The report highlights a divergence in incident types: cyber-related breaches fell 6% to 1,568, while non-cyber incidents rose 15% to 2,304. Nockolds principal associate Joanna Sutton attributes the shift to hybrid working and gaps in physical and procedural safeguards, and urges closer collaboration between HR and security teams to improve training, policies and risk controls.

Mazda reports security breach exposing partner data

🔒 Mazda Motor Corporation disclosed unauthorized access to a warehouse management system used for parts procured from Thailand, affecting 692 records containing employee and business partner information. The exposed data types included user IDs, full names, email addresses, company names and business partner IDs, and Mazda says no customer data was involved. The company reported the incident to the Personal Information Protection Commission and implemented security patches, reduced internet exposure, increased monitoring and stricter access controls while investigating with external specialists.

AI-Driven Insider Risk Now a Critical Business Threat

🔒 Mimecast's State of Human Risk Report 2026 warns that insider threats have escalated into a critical business risk, driven in part by employees mishandling or abusing AI tools. The study found 42% of organizations reported increases in both malicious insider activity and negligence-related incidents, while security leaders now anticipate an average of six insider-driven incidents per month. Mimecast cautions that attackers and insiders leveraging AI amplify exposure, and calls for security programs to address risk at the user level.

Majority of CISOs Open to Career Moves, Many Exit Now

🚨 A recent IANS Research and Artico Search survey found that 69% of enterprise CISOs are open to a career move within the next year, often targeting larger-company CISO roles, other executive posts, or non-CISO paths. Analysts attribute the trend to chronic exhaustion, misaligned authority, and a structurally broken role that leaves leaders accountable without matching influence. Experts recommend giving CISOs enterprise-level standing, direct CEO and board access, and authority and budget that match their responsibilities to retain top security talent.

Loyalty Is Not Security: What CISOs Must Reconsider

🔒 The article argues that organizations commonly mistake tenure, performance, or verbal commitment for durable loyalty, creating a blind spot for insider risk. Loyalty is dynamic—shaped by fairness, hardship, and alignment—and can erode into resentment, data theft, or sabotage. The author advocates continuous, tiered verification, privacy-respecting monitoring, and AI-aware controls, citing Trusted Workforce 2.0 as a blueprint and cost comparisons that favor proactive programs.

Half of Employees Use Unsanctioned AI; Leaders Complicit

🔒 A BlackFog survey reports that 49% of workers use AI tools at work without employer approval, often relying on free versions that may retain and use corporate data. Senior leaders appear surprisingly tolerant—69% of presidents and C-suite members and 66% of directors and senior VPs prioritize speed and efficiency over privacy. The study highlights risks to intellectual property and sensitive employee and financial data when unsanctioned tools are connected to corporate systems. It recommends audits, clear policies, vendor verification, and employee education to regain visibility and control.

CISA Issues New Guidance on Insider Threat Risk Management

🔒 The US Cybersecurity and Infrastructure Security Agency (CISA) has released an infographic to help critical infrastructure operators and SLTT governments prevent, detect and respond to insider threats. It advocates treating insider risk as an essential capability and recommends scalable, multidisciplinary teams that are embedded in existing structures. The guidance outlines a four-stage model—plan, organize, execute, maintain—and emphasizes confidentiality, legal compliance and coordination with external partners.

Insider Threats: Recognising and Managing Internal Risk

🔒 A growing body of evidence shows insider threats are a systemic and underestimated risk: a Bitkom survey found 48% of German companies attribute data theft, espionage or sabotage to employees. Insiders hold legitimate access and institutional knowledge, enabling subtle misuse that often evades technical controls. Effective protection requires shifting from isolated tools to a holistic, human-centred approach that combines culture, governance and clear ownership of risk.

Make Identity Threat Detection Your 2026 Security Focus

🔐 Identity-focused attacks are now the dominant threat, and organizations must pair prevention with deep visibility. Identity Threat Detection & Response (ITDR) provides centralized logging, behavioral analytics, and alerts that reveal suspicious logins, anomalous account activity, and insider risk. tenfold combines Identity Governance and Event Auditing in one platform with lifecycle automation, access reviews, and centralized investigation tools. Book a personalized demo to evaluate capabilities and deployment speed.

Insider Risk in an Era of Workforce Volatility and AI Agents

⚠️ Economic pressures, mass layoffs, and rapid AI adoption have pushed insider risk to multi-year highs. In 2025 tech companies announced roughly 245,000 job cuts while US employers logged more than 1.17 million cuts, fueling resentment, negligence, and opportunistic exfiltration. Autonomous AI agents — highlighted by Palo Alto Networks — expand the attack surface, introducing risks like goal hijacking, prompt injection, and shadow deployments that require urgent governance and monitoring.

CISO Role Reaches Inflection Point in Organizational Rank

🔒 IANS' 2026 State of the CISO Report, drawn from interviews with 662 North American CISOs, shows the role shifting toward the executive suite: 46% now hold executive titles while 27% are VPs and 27% directors. Over half report that their remit has expanded to include SecOps, security architecture, GRC, app security, IAM and supplier risk. Despite greater boardroom influence and wider accountability, 52% say their scope is no longer fully manageable, risking delayed strategy and reactive security.

Cybersecurity Isn't Underfunded — It's Poorly Executed

🔒 Boards increasingly accept cyber risk, yet funding rarely follows purely rational ROI debates. The author contends that budget availability is often reactive — unlocked by imminent regulatory reviews, adverse audits or recent incidents — rather than the result of careful risk quantification. The core obstacles, he argues, are chronic execution failures, governance and cultural misalignment. CISOs should focus on building trust and strategic influence during the first hundred days to convert goodwill into lasting programs.

Smashing Security 447 — AI Abuse, Stalking and Museum Heist

🤖 On episode 447 of the Smashing Security podcast Graham Cluley and guest Jenny Radcliffe explore how generative AI can enable stalking — reporting that Grok was used to doxx people, outline stalking strategies, and share revenge‑porn tips. They also recount the audacious Louvre crown jewels heist, where thieves abused assumptions about what ‘looks normal’. Graham additionally interviews Rob Edmondson about how Microsoft 365 misconfigurations and over‑privileged accounts create serious security exposures. The episode emphasizes practical lessons in threat modelling and access hygiene.