Insider data breaches set to increase due to remote work shift

Forrester expects internal incidents to cause a third of breaches next year, an 8% increase compared to 2020

A third (33%) of all data breach incidents in 2021 are expected to be caused by insiders, according to the latest Forrester Cyber Security Predictions report.

This will be an 8% increase compared to 2020, during which 25% of data breaches were deemed to be caused by internal incidents, based on predictions made by respondents to a Forrester security survey. This includes accidental incidents, as well as those caused by malicious intent.

The increase in insider incidents is likely to be caused by the unprecedented change in working environments from the office to remote working during nationwide lockdowns. Other contributing issues outlined by Forrester include the ease with which data can be moved as well as the general fear of being made redundant.

The report found that, while “firms add capabilities for detecting insider threats, they will also be able to identify and attribute more incidents to insider activity than they were previously”.

Forrester analysts recommended focusing on insider threat defense, as well emphasising “employee experience to avoid turning employees into malicious insiders”.

“Remember that trust is not a control,” they added.

Forrester also predicts that the retail and manufacturing industries should expect more data breaches due to the direct-to-consumer shift caused by changing consumer buying habits. Although such changes had been observed for some time, they been accelerated during the coronavirus pandemic, with many customers having their first experience with digital payments due to the government-enforced closures of physical shops. 

Senior Forrester analyst Anjali Lai said that as many as “62% of US online adults had performed some kind of online transaction for the first time as a direct result of the COVID-19 pandemic”.

The Cyber Security Predictions report warned that “brands that once went to market via retailers and distributor supply chains face disruption, forcing them to now sell directly to consumers”, adding that “more customer-facing applications means more code, and more code means more risk”.

“This shift requires companies to expand their attack surface by adding digital storefronts and marketplaces and adopting new engagement models.”

That is why businesses shifting to a direct-to-consumer approach are advised to “prioritise product security, build a developer champions program, and explore breach and attack simulation tools”.

Featured Resources

How to choose an AI vendor

Five key things to look for in an AI vendor

Download now

The UK 2020 Databerg report

Cloud adoption trends in the UK and recommendations for cloud migration

Download now

2021 state of email security report: Ransomware on the rise

Securing the enterprise in the COVID world

Download now

The impact of AWS in the UK

How AWS is powering Britain's fastest-growing companies

Download now

Recommended

Cisco lands $1 billion defense IT contract
Security

Cisco lands $1 billion defense IT contract

15 Jun 2021
REvil hacking group attacks US nuclear weapons contractor
ransomware

REvil hacking group attacks US nuclear weapons contractor

15 Jun 2021
Putin open to handing cyber criminals over to US
hacking

Putin open to handing cyber criminals over to US

14 Jun 2021
Futurex‌ ‌and Google enable‌ ‌client-side‌ ‌Google‌ ‌Workspace encryption‌
Google Docs

Futurex‌ ‌and Google enable‌ ‌client-side‌ ‌Google‌ ‌Workspace encryption‌

14 Jun 2021

Most Popular

GitHub to prohibit code that’s used in active attacks
cyber security

GitHub to prohibit code that’s used in active attacks

7 Jun 2021
WWDC 2021: Apple unveils iOS 15, macOS Monterey and more
iOS

WWDC 2021: Apple unveils iOS 15, macOS Monterey and more

8 Jun 2021
OnePlus 9 Pro review: An instant cult classic
Hardware

OnePlus 9 Pro review: An instant cult classic

7 Jun 2021