According to the Center for Cyber security is negligent employees at fault in half of all cyber attacks against the Danish authorities and companies. This is the sound of the common assessment from the Police Intelligence service – PET and the Center for Cyber security in the report ”Cybertruslen from the conscious and unconscious insiders”.
On the basis of – among other things, ENISA’s Threat Landscape Report for the year 2016 evaluate the CFCS and the PET that it is likely that unconscious insiders may be involved in up to half of all recorded security incidents in an organisation, says head of the Centre for Cyber security, Thomas Lund-Sørensen.
The assessment is shared by Peter Kruse, who is the co-founder of the company CSIS Group. He has over 10 years has been a technical advisor to Interpol and Europol.
– We are basically agreed that the vast majority of the incidents we experience are caused by the unconscious insiders, who accidentally activate something harmful or doing something wrong. Thus brings the organisationssikkerheden in the organization in danger, he says.
Peter Kruse points in the same game that cybertruslen against Denmark has grown over the last year. This is due not least to the high degree of digitalisation of the Danish authorities and businesses to make them more vulnerable to this type of attack.
– Therefore, there has been an explosion in the possibilities for attacking the employees of the companies. Because of the technological development has virtually all employees have access to one form or another for IT, he says, and adds:
– this increases the threat for an attack to come through IT.
at the same time, according to Peter Kruse is also a great increase in the number of CYBER-criminals from other parts of the world who are out to enrich themselves at the expense of the Danish organisations. It hangs, among other things, that a large part of the population of the world’s poor countries have gained access to the Internet.
– Therefore, we see a resurgence of crime from countries with which we had not expected to experience crime. There I am thinking in particular of large parts of the african continent, Asia and South and central America, he says.
the report concludes, also, that the unconscious insiders can be found in all Danish authorities and companies, which results in an increased vulnerability to cyber threats.