Over half of UK office workers would access sensitive company information if they knew they wouldn’t get caught, according to new survey findings that revealed the true extent of employee temptation.
The study, by cyber security firm CyberArk, asked 1,000 employees how deeply they would breach company lines. Worryingly for business owners, while a majority were keen to see confidential data and information, a significant number were untroubled by potential damage caused.
Overall, unhappy employees were over twice as likely to seek out sensitive company information than colleagues satisfied with their job – 61 per cent compared to 29 per cent.
A fairly innocent third said they wanted to see if they were fairly rewarded for their work by comparing salaries, while a mischievous quarter wanted to look for office gossip.
However, if handed the keys to sensitive company information with no consequences, almost a third would give themselves a pay rise, while one in five would treat themselves to extra holiday entitlement.
The findings confirmed the unhappier an employee was, the more sinister the motive. Around one in five admitted they would either expose unethical or corrupt practices within the business they worked for, or show up dishonest, lazy colleagues.
Worryingly for small business owners, a significant number of employees were untroubled by the potential impact on a business.
Over a quarter were only deterred by the fear of getting caught, while one in five cited their lack of technical ability as the reason they hadn’t hacked company databases. Just 40 per cent of all respondents felt a moral obligation to keep away from sensitive company information.
The findings also highlighted the need for employers to be aware of cyber security threats from the inside. Past research has suggested internal staff are responsible for 60 per cent of all cyber attacks within companies, from leaked passwords to selling of data.
Commenting on the study, Matt Middleton-Leal, CyberArk’s regional vice president for the UK, Ireland and Northern Europe, said employers should be aware of the internal cyber threat posed by staff members.
“While this survey highlights the potential mischief that employees can get up to without proper access controls, it’s also an important reminder that insiders – or cyber attackers posing as insiders – pose one of the greatest security threats to organisations today,” he said.
Middleton-Leal elaborated on the wider cyber security landscape, and emphasised the wake-up call of the recent attacks on the NHS.
“Cyber criminals are getting more aggressive with their attacks, which are escalating more quickly than ever before – as with the WannaCry ransomware attacks.
“With cyber skills advancing all the time and attackers hiding behind valid credentials to avoid being noticed and caught, companies have to be more alert than ever to monitor and stop unwanted insiders in their tracks and protect their most valuable information.”
Are you one of the 90 per cent of business owners overlooking these daily cyber protection measures?
Sign up to our newsletter to get the latest from Business Advice.