Receive the latest mybusiness newssign up

Website Notifications

Get notifications in real-time for staying up to date with content that matters to you.

1 in 5 cyber incidents come from within


Businesses face a significant cyber threat from within their own ranks, according to a new report, which found that one in five cyber “incidents” and 15 per cent of all data breaches are caused internally.

The Verizon Insider Threats Report investigated 53,000 incidents and 2,216 data breaches from 67 organisations in 65 countries around the world, which revealed the extent of cyber incidents that occur from someone operating within the organisation.

Financial gain was found to be the motive for almost half (47.8 per cent) of those responsible. More disturbingly, almost one in four (23.4 per cent) were done for “pure fun”.


The findings led Verizon’s executive director for security professional services, Bryan Sartin, to declare that, “for far too long, data breaches and cyber security incidents caused by insiders have been pushed aside and not taken seriously”.

“Often they are treated as an embarrassment or just an issue for human resource departments,” he said.

“This has to change. Cyber threats do not just originate from external sources, and to fight cyber crime in its entirety, we also need to focus on the threats that lie within an organisation’s walls.”

Employers should be alert to five “insider personalities”, according to Verizon, in order to keep on top of data risks.

Those personalities are:

  • The careless worker – Inappropriate, rather malicious.
  • The inside agent – Employees recruited, solicited or bribed by external parties to provide sensitive data.
  • The disgruntled employee – Those who seek to harm their employer.
  • The malicious insider – Using access for personal gain.
  • The feckless third-party – Business partners compromising security through negligence, misuse or malicious access.

“Detecting and mitigating insider threats requires a different approach compared to hunting for external threats,” Mr Sartin said.



He urged business leaders to get up to speed with what their digital assets are and who has access to them, in order to determine and hence mitigate the risk of damage.

Adam Zuchetti

Adam Zuchetti

Adam Zuchetti is the editor of My Business, and has steered the publication’s editorial direction since early 2016. 

The two-time Publish Awards finalist has an extensive journalistic career across business, property and finance, including a four-year stint in the UK. Email Adam at This email address is being protected from spambots. You need JavaScript enabled to view it.

1 in 5 cyber incidents come from within
mybusiness logo