'Shadow IT' use by employees put more Indian firms at cyber attack risk


New Delhi, Dec 25 (IANS): About 89 per cent of companies in India suffered cyber incidents in the last two years, and 20 per cent of these were caused by the use of shadow IT, according to a new report.

Companies are at the high risk of becoming targets of cyber incidents due to the use of shadow IT by their employees amid the growing trend towards a distributed workforce, a study by cyber-security firm Kaspersky showed.

In the last two years, 11 per cent of companies worldwide have suffered cyber incidents due to the use of shadow IT by employees.

Shadow IT is the part of the company’s IT infrastructure that is outside the purview of the IT and Information Security departments, i.e. applications, devices, public cloud services etc. but that is not being used in accordance with information security policies.

"Employees who use applications, devices or cloud services that are not approved by the IT department, believe that if those IT products come from trusted providers, they should be protected and safe," said Alexey Vovk, Head of Information Security at Kaspersky.

However, in the 'terms and conditions', third-party providers use the so-called 'shared responsibility model'.

"It states that, by choosing 'I agree' users confirm that they will perform regular updates of this software and that they take responsibility for incidents related to the use of this software (including corporate data leakages)," Vovk said.

But, at the end of the day, business needs tools to control the shadow IT when it’s used by employees.

Deployment and operating shadow IT can lead to serious negative outcomes for businesses. Many instances were found in the Kaspersky study, which revealed that the IT industry – had been the hardest hit, suffering 16 per cent of cyber incidents due to the unauthorised use of shadow IT in 2022 and 2023.

Other sectors hit by the problem were critical infrastructure and transport and logistics organisations, which saw 13 per cent attacks, said the report.

 

  

Top Stories


Leave a Comment

Title: 'Shadow IT' use by employees put more Indian firms at cyber attack risk



You have 2000 characters left.

Disclaimer:

Please write your correct name and email address. Kindly do not post any personal, abusive, defamatory, infringing, obscene, indecent, discriminatory or unlawful or similar comments. Daijiworld.com will not be responsible for any defamatory message posted under this article.

Please note that sending false messages to insult, defame, intimidate, mislead or deceive people or to intentionally cause public disorder is punishable under law. It is obligatory on Daijiworld to provide the IP address and other details of senders of such comments, to the authority concerned upon request.

Hence, sending offensive comments using daijiworld will be purely at your own risk, and in no way will Daijiworld.com be held responsible.