Employees are now more dangerous to their company than external hackers

For the first time ever, internal threats have become more common that external ones, with hacking remaining pretty steady at 31% of attacks compared with employee misuse, which rose from 29% to 45%.

However, while it's the employees who could be driving a higher risk internally, companies could be doing more to protect themselves in far more than just the basic cybersecurity sense.

Internal risks are now the biggest threat organizations face

The report attributes some risks to the rise in shadow IT – something we've heard a lot about lately as companies struggle to apply AI correctly across their organizations. Frustrated workers often resort to unapproved tools, often feeding sensitive company information into public apps.

There's also the fact that hackers themselves are more frequently targeting company insiders, exploiting everyday employee behavior instead of having to rely on more sophisticated, crafted attacks from outside.

"While not inherently malicious, employee misuse can be just as damaging as a sophisticated breach, especially given that attackers are increasingly turning policy workarounds into external entry points," Senior Security Researcher Carl Morris explained.

Endpoints remain one of the biggest targets, with workers' devices involved in more than half (53%) of incidents. And while they account for a smaller percentage overall, identity attacks also rose from 10% to 17% in around a year.

Looking ahead, Orange Cyberdefense urges companies to acknowledge that many risks now come from within an organization. Tightening access controls and privileges can shrink the attack surface altogether, while simple multi-factor authentication can also serve to prevent attackers from gaining access.