One in five times, the security breach that puts the company in trouble comes from a malicious employee with criminal intentions, according to a new study by the Novipro and Léger Group.
• Read also: The AMF concerned about the increase in cyber incidents
• Read also: No money for whistleblowers
“More than 21% of companies that have suffered an attack mention that it is one of their employees who had malicious intentions”, shares in an interview with the Newspaper Yves Paquette, president and co-founder of Groupe Novipro, an information technology (IT) firm.
This is one of the observations that emerge from the fifth edition of the Portrait TI of the company and Léger, published this week. Entitled “2020, the year of the great upheaval”, which sets the tone for the report, the study paints a disturbing portrait of cyber attacks in companies.
“The lure of profit is there. Your Newspaper reported a few days ago of an FBI investigation conducted in Gatineau. It doesn’t take some massive equipment to do that. People often hack from their basement, ”adds the president of the Novipro Group, Yves Paquette.
Worse, across the country, just two in five companies feel they are very well protected against data loss, data theft, intrusions or viruses, which does not bode well.
“There are about 18% of the cases where it’s employees who just aren’t paying attention. For example, they’ll plug in their personal computer or download documents to work at home, ”adds Dominique Derrier, head of IT security at Novipro.
That said, the IT security expert insists: companies should be careful when it comes to welcoming a new colleague.
“Does the intern need to have access to all of the company’s confidential contracts? No, ”says the man who is also president of the Information Security Association of Metropolitan Montreal (ASIMM).
▶ While in Quebec, malicious resources represent 21% of security breaches, this number rises to 35% in Canada as a whole and explodes to 41% in Ontario, notes the new study by the Novipro and Léger Group.