The cost of living crisis continues to plague consumers and businesses. In the UK, consumer prices rose 10.1% year-on-year in March, according to to the Office for National Statistics. That was down slightly from 10.4% in February. According to cybersecurity firm Bridewell’s “Cybersecurity Research Report on Critical National Infrastructure Organizations to 2023”, The current economic crisis will also affect cybersecurity, 34% of organizations A surge in cybercrime is foreseen in the UK’s critical national infrastructure (CNI).
Inflationary pressures are the basis for all future negative effects. As Bridewell co-CEO Scott Nicholson noted in the report, these economic pressures have led to higher food and energy prices, increasing the risk of “internal cyber threats.” Whether motivated by malice or ignorance, employees can pose a huge threat to the systems that keep critical UK systems running. In fact, 67 percent of respondents said cybersecurity risks from insiders have increased over the past three years.
Job theft – including stealing office supplies, stealing data and misappropriating company funds – has increased by one-fifth in Wales and England.
Inflation has also forced many organizations to reassess their budgets, resulting in significant cuts to national critical infrastructure (CNI) cyber budgets and making organizations more vulnerable to cyber attacks.
As a result, 35 percent of CNI decision makers report that the recession is driving an increasing number of internal employees to turn to cybercrime.
what can be done
According to the Bridewell report, there are many things organizations can do to mitigate the internal security risks posed by employees — starting with building strong cyber defenses from within the organization. Vulnerability assessments should also be conducted on an ongoing basis to uncover any attack surfaces.
The hiring phase is another opportunity where organizations should conduct a thorough financial check. Once hired, employees should only have access to necessary information. It is also important to monitor classified systems and train employees to spot when insider threats occur.