Is there any documented information or statistics that show the
of security incidents/hacks that are a result of actions of former
employees whose access rights were not terminated?
According to PricewaterhouseCooper's global security survey, 13% of
security breaches were by former employees, although the report does not
specify the number of incidents where failure to terminate access rights
was a factor.
A recent report on a U.K. bank found that 48% of employees who had been
laid off were still able to access networks using their passwords. The
report didn't say how long afterwards.
For more information on this topic, visit these other SearchSecurity.com resources:
News & Analysis: Destruction from the inside out
News & Analysis: Employees: Your best defense, or your greatest vulnerability?
This was first published in November 2001