Employees are now more dangerous to their company than external hackers
- Internal threats now represent more than half of cases, at 57%
- Employees’ devices and credentials are among the most targeted
- Companies should acknowledge this and tighten access for a quick fix
New data from Orange Cyberdefense has suggested the biggest risks companies face could now be coming from inside, with internal threats rising from 47% to 57% in the space of less than a year.
For the first time ever, internal threats have become more common that external ones, with hacking remaining pretty steady at 31% of attacks compared with employee misuse, which rose from 29% to 45%.
However, while it’s the employees who could be driving a higher risk internally, companies could be doing more to protect themselves in far more than just the basic cybersecurity sense.
Article continues below
Internal risks are now the biggest threat organizations face
The report attributes some risks to the rise in shadow IT – something we’ve heard a lot about lately as companies struggle to apply AI correctly across their organizations. Frustrated workers often resort to unapproved tools, often feeding sensitive company information into public apps.
There’s also the fact that hackers themselves are more frequently targeting company insiders, exploiting everyday employee behavior instead of having to rely on more sophisticated, crafted attacks from outside.
“While not inherently malicious, employee misuse can be just as damaging as a sophisticated breach, especially given that attackers are increasingly turning policy workarounds into external entry points,” Senior Security Researcher Carl Morris explained.
Endpoints remain one of the biggest targets, with workers’ devices involved in more than half (53%) of incidents. And while they account for a smaller percentage overall, identity attacks also rose from 10% to 17% in around a year.
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Looking ahead, Orange Cyberdefense urges companies to acknowledge that many risks now come from within an organization. Tightening access controls and privileges can shrink the attack surface altogether, while simple multi-factor authentication can also serve to prevent attackers from gaining access.

Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds.
Internal threats now represent more than half of cases, at 57% Employees’ devices and credentials are among the most targeted Companies should acknowledge this and tighten access for a quick fix New data from Orange Cyberdefense has suggested the biggest risks companies face could now be coming from inside, with…
Recent Posts
- Dave Eggers told OpenAI staff that ChatGPT was ‘silencing an entire generation’
- France doubles down on restricting access to Polymarket
- Apple has banned home service content on upcoming Maps ads
- Google might not kneecap the Pixel 11a with an old processor
- How to watch France vs England: Free Streams, TV Channels & Kick-Off time for FIFA World Cup 2026 third place play-off
Archives
- July 2026
- June 2026
- May 2026
- April 2026
- March 2026
- February 2026
- January 2026
- December 2025
- November 2025
- October 2025
- September 2025
- August 2025
- July 2025
- June 2025
- May 2025
- April 2025
- March 2025
- February 2025
- January 2025
- December 2024
- November 2024
- October 2024
- September 2024
- August 2024
- July 2024
- June 2024
- May 2024
- April 2024
- March 2024
- February 2024
- January 2024
- December 2023
- November 2023
- October 2023
- September 2023
- August 2023
- July 2023