Nearly half (45 per cent) of office workers would be willing to sell their firm’s corporate information, according to a new survey which highlights the growing risk of insider threat to UK businesses.

A study by Malvern-based cyber security startup Deep Secure found that a quarter of employees would accept £1,000 as the price for giving away company information to outsiders, whilst five per cent would offer it for free.

The report found that £1,000 would be enough to tempt 15 per cent of office workers to pass on confidential market information about their company or customers’ businesses, details of their firm’s sales pipeline, sensitive information relating to their colleagues, and customer information.

Meanwhile, 10 per cent would also sell intellectual property such as product specifications, product code and patents, for £250 or less.

It was found that the risk of insiders giving away information was not a hypothetical threat, with 59 per cent of office workers admitting to having taken information off corporate networks. In some instances, this was for personal use, with the potential value to the individual’s future career success a key driver: either because it would be of use in a new role (12 per cent) or they wanted to keep a record of their work (12 per cent).

In addition, 47 per cent of those that had taken information from their corporate network admitted they had given it to a third-party – rising to 62 per cent among male respondents. Frequently the information was taken from a previous company and given to their new employer or employees - 16 per cent and 19 per cent - but 17 per cent were approached by someone they didn’t know.

When it came to the methods for removing documents, some individuals reported using traditional techniques to take information from corporate networks, including printing, handwriting and taking a photo of the information – 11 per cent, nine per cent and eight per cent respectively.

However, digital techniques were more commonly used, with 11 per cent of respondents reporting having sent the information to the third-party by email, directly uploading it into their personal cloud storage, or giving it to them on an external storage device.

Dan Turner, chief executive of Deep Secure, said: “The cost of employee loyalty is staggeringly low – with nearly half of all office workers admitting that they would sell their company and clients’ most sensitive and valuable information, the business risk is not only indisputable but immense in the age of GDPR and where customers no longer tolerate data breaches.”

Share Story: