Cybersecurity and the Forgotten Risk of the Employees

Nicolas Lagrèze

August 1, 2023

According to the Verizon Data Breach Investigations Report 2020, 30% of data breaches involved internal actors, highlighting the significant role employees play in cybersecurity incidents. This statistic underscores the importance of recognising the potential risks posed by employees and the need for organisations to prioritise employee cybersecurity awareness and training.

While external threats like hackers and malware receive much attention, organisations must recognise the potential vulnerabilities within their workforce. Employees can become the weakest link in an organisation’s cybersecurity strategy, whether intentionally or unintentionally.

By acknowledging this statistic, organisations can better understand the necessity of implementing robust security measures and employee training programs. Building a culture of cybersecurity consciousness is imperative to empower employees to actively safeguard sensitive data and mitigate the risk of data breaches.

Education and regular training sessions should be conducted to raise awareness about common cyber threats, such as phishing attacks and social engineering. By equipping employees with the knowledge and skills to identify and respond to these threats, organisations can reduce the likelihood of internal actors inadvertently causing security incidents.

Furthermore, the statistic serves as a reminder for organisations to establish strong access control policies and regularly review and monitor employee access to sensitive information. Implementing role-based access control (RBAC) ensures that employees only have access to the data necessary for their job responsibilities, minimising the risk of internal data breaches.

Nicolas Lagrèze is the COO of Cyberion

Jonas Von Oldenskiold and other experts contribute to our newsletter

Jonas Von Oldenskiold and other experts contribute to our newsletter

Subscribe and stay up to date on key topics relating to cyber security and cyber insurance

*By subscribing, I agree to my data being processed in accordance with the privacy policy of

Want to read next

cyber attack

Mirela Dimofte

February 8, 2024

Sign up for the newsletter

If you want relevant updates occasionally, sign up for the private newsletter. Your email is never shared.