New Research from CyberArk Reveals Security Risks Introduced by Everyday Employee Behaviors

Privileged access combined with worrisome worker actions compound security risks for organizations

NEWTON, Mass. & PETACH TIKVA, Israel–(BUSINESS WIRE)–CyberArk, the global leader in identity security, today announced the results of new employee research that highlights the need to shift to a model where workforce access is not just managed, but secured. Driven by hybrid working and flexible access trends, a multi-country report reveals how many common employee sensitive and privileged data access behaviors – deliberate and accidental – put organizations at risk. In parallel, new research from CyberArk Labs shows how one’s online history can be a threat to employers as well as to personal lives.

“These findings show that high-risk access is scattered throughout every job role and bad behaviors abound, creating serious security issues for organizations and highlighting the pressing need to reimagine workforce identity security by securing every user with the right level of privilege controls.”

Four Key Findings of CyberArk 2024 Employee Risk Survey: Harmful Employee Behaviors

Based on a survey of 14,003 employees working in all major types of job roles and vertical industries across the USA, UK, France, Germany, Australia and Singapore, the report reveals insights into prevalent employee behaviors and data access patterns. It shows that security teams must rethink how identity security controls are applied to the modern workforce.

  1. Majority Have Access to Sensitive Information: 80% access workplace applications – which often contain business-critical data – from personal devices that frequently lack adequate security controls. The survey confirms that privileged access is no longer confined to IT admins. 40% of respondents indicated they habitually download customer data; a third are able to alter critical or sensitive data; and just over three in 10 can approve large financial transactions.
  2. Password Reuse Is Common: The report highlights several worrisome habits. 49% of employees surveyed use the same login credentials for multiple work-related applications, while 36% use the same credentials for both personal and work applications. 52% of those surveyed have shared workplace-specific confidential information with outside parties. These practices significantly heighten the risk of security leaks and breaches.
  3. Majority Bypass Cybersecurity Policies: 65% of employees often bypass cybersecurity policies to make their lives easier. Common workarounds include using personal devices as WiFi hotspots and forwarding corporate emails to personal accounts.
  4. AI Adoption Creates More Security Challenges: The report also sheds light on the growing use of AI tools in the workplace. Over 72% of employees use AI tools, which can introduce new vulnerabilities when, for instance, sensitive data is inputted into them. Over a third (38%) of employees either ‘only sometimes’ or ‘never’ adhere to guidelines on handling sensitive information in their use of AI tools.

LEAVE A REPLY

Please enter your comment!
Please enter your name here