SGGPO
New research from Kaspersky shows that employees violating an organization's information security policies are just as dangerous as hacker attacks.
 |
| There should be specific security policies for employees to ensure information security. |
In the past two years, 33% of cybersecurity incidents at businesses in Asia- Pacific (APAC) were caused by employees deliberately violating security protocols. This figure is close to the damage caused by data breaches in cyberspace, with 40% of cyber incidents caused by hacker attacks in the region. These figures tend to be higher when compared to the global average of 26% and 30%, respectively.
Kaspersky research revealed that, in addition to technical errors beyond human control, employee information security policy violations are also one of the most serious problems for businesses in the region.
In terms of individual employee behavior, the most common problem is that employees intentionally violate company policies and, conversely, do things they are not required to do. Research participants said that 35% of cybersecurity incidents were due to weak passwords and not changing passwords regularly, 10% higher than the global result of 25%.
 |
In addition, 32% of APAC employees accessing unsecured websites led to data breaches, while 25% of employees reported that their business faced network issues because their colleagues did not update software and applications when required by the system.
“It is alarming that there have been numerous data breaches and ransomware attacks in the region this year, yet many employees are still deliberately violating basic information security policies. Kaspersky’s latest research proves that APAC data breaches are consistently higher than the global average, so a multi-departmental approach is an effective way to build a corporate security culture that addresses the human element that cybercriminals are exploiting,” said Adrian Hia, Managing Director of Asia Pacific at Kaspersky.
To limit the consequences of employees violating information security policies, affecting the business infrastructure, Kaspersky recommends: Using cybersecurity solutions with the ability to control applications, web and devices, such as Kaspersky Endpoint Security for Business and Kaspersky Endpoint Security Cloud; Control the transmission and receipt of two-way data in the system. With Kaspersky Endpoint Security Cloud, Kaspersky Security for Mail Server and Kaspersky Security for Microsoft Office 365, related problems can be solved with data analysis and content filtering functions...
Source
![[Photo] General Secretary To Lam presents the First Class Labor Medal to the Vietnam National Energy and Industry Group](https://vphoto.vietnam.vn/thumb/1200x675/vietnam/resource/IMAGE/2025/9/21/0ad2d50e1c274a55a3736500c5f262e5)
![[Photo] General Secretary To Lam attends the 50th anniversary of the founding of the Vietnam National Industry and Energy Group](https://vphoto.vietnam.vn/thumb/1200x675/vietnam/resource/IMAGE/2025/9/21/bb0920727d8f437887016d196b350dbf)
Comment (0)