A Kaspersky study found that 77% of companies suffered cyber incidents in the last two years, with 11% attributed to employees' use of shadow IT, which poses significant cybersecurity risks.
27 December 2023 – Companies are at an increased risk of cyber incidents due to the use of shadow IT by employees amid the growing trend towards a distributed workforce, according to a recent study by Kaspersky. The study found that 77% of companies suffered cyber incidents in the last two years, with 11% attributed to the use of shadow IT.
A recent Kaspersky study revealed that, in the last two years, 11% of companies worldwide have experienced cyber incidents due to the use of shadow IT by employees. The consequences of using shadow IT, meaning unauthorized applications and devices, can be severe, leading to data leaks or tangible damage to businesses. The IT industry was the hardest hit, accounting for 16% of cyber incidents, followed by critical infrastructure and transport & logistics organizations at 13%.
A recent case involving Okta highlights the dangers of shadow IT: an employee’s use of a personal Google account on a company-owned device unintentionally led to threat actors gaining unauthorized access to Okta’s customer support system. The incident lasted 20 days and impacted 134 of the company’s customers.
Shadow IT refers to the part of a company’s IT infrastructure outside the purview of IT and Information Security departments, including unauthorized applications, devices, and public cloud services used without adherence to information security policies. The Kaspersky study emphasizes the need for businesses to address this growing threat, especially in light of potential catastrophic outcomes.
Alexey Vovk, Head of Information Security at Kaspersky, suggests that businesses should implement measures to control shadow IT, such as using Kaspersky Endpoint Security for Business and Kaspersky Endpoint Security Cloud. These solutions offer Application, Web, and Device controls to limit the use of unsolicited apps, websites, and peripherals.
To mitigate the risks associated with shadow IT, Kaspersky recommends measures such as ensuring cooperation between business and IT departments, conducting regular IT asset inventories, implementing access controls for personal devices, and providing training programs for employees to enhance their information security literacy.
Despite the potential malicious implications of shadow IT, Kaspersky notes that employees often resort to it to expand the functionality of products used at work, believing that the set of permitted software is insufficient. The lack of documented sanctions against employees who violate IT policies regarding shadow IT adds to the complexity of the situation.
Kaspersky concludes by recommending organizations invest in relevant training programs for IT security specialists and use products that allow control over the use of shadow IT within the organization.