UK-based IT professionals twice as likely to moonlight as cyber criminals

Low salaries to blame for the emergence of grey hats drawn by greater financial rewards

IT professionals from the UK are almost twice as likely to engage in criminal 'grey hat' hacking than employees from the rest of the world, a new report has claimed.

The emergence of grey hats, defined as legitimate cyber security employees who also engage in criminal activity, was highlighted in a report titled 'White Hat, Black Hat and the emergence of the Grey Hat' The true cost of cybercrime' released today.

The findings also explored the high cost of cyber crime to organisations, how frequent major attacks can be, and how likely organisations are to suffer security breaches.

While only 4.6% of IT professionals across the world are perceived to be grey hats, this is true for 7.9% of UK employees - who are for instance more than twice as likely as their German counterparts, 3.4%, to cross the line and engage in cyber crime.

The greater likelihood for UK-based professionals to engage in cyber crime - with 32% saying they had been approached about participating in black hat activity against 22% from the rest of the world - coincides with low pay.

Advertisement - Article continues below
Advertisement - Article continues below

"There are a number of reasons that security professionals see as reasons for becoming a black hat, but the most common reason cited in our research is the ability to earn more money than by working as a security professional," the report said.

The average starting salary for IT professionals was the lowest in the UK compared against the five regions surveyed, which also included the US, Germany, Australia and Singapore. The research cited another study that suggested the most lucrative cyber criminals can earn more than $166,000 per month.

Collated by Osterman, and sponsored by cyber security company Malwarebytes, the findings also revealed the urge to cross the line correlates directly with the size of a company one works for. While grey hats represent only 2.8% of IT professionals in small businesses, this is true for 5.7% of employees working for larger firms.

Elsewhere the report revealed large organisations in the US are almost four times more likely to suffer major security events than UK organisations, 1.8 per year versus 0.5, while the total annual security cost is almost double, $1.896,724 versus $1,088,129.

The cost to large organisations, comprising 2,500 employees, is actually just under $100,000 less than the global average of $1,167,178, while they are also slightly less likely to suffer a major security incident than large businesses from the other regions surveyed, who experience 0.8 incidents per year.

Advertisement - Article continues below

"The current skills shortage combined with a steady stream of attacks against antiquated endpoint protection methods continues to drive up costs for today's businesses, with a seemingly larger hit to security departments of mid-market enterprises," said Marcin Kleczynski, Malwarebytes CEO.

"On top of this, we are seeing more instances of the malicious insider causing damage to company productivity, revenue, IP and reputation.

"We need to up-level the need for proper security financing to the executive and board level. This also means updating endpoint security solutions and hiring and rewarding the best and brightest security professionals who manage endpoint protection, detection and remediation solutions."

Image: Shutterstock

Featured Resources

How inkjet can transform your business

Get more out of your business by investing in the right printing technology

Download now

Journey to a modern workplace with Office 365: which tools and when?

A guide to how Office 365 builds a modern workplace

Download now

Modernise and transform your sales organisation

Learn how a modernised sales process can drive your business

Download now

Your guide to managing cloud transformation risk

Realise the benefits. Mitigate the risks

Download now


internet security

Avast and AVG extensions pulled from Chrome

19 Dec 2019

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019

Most Popular


How to use Chromecast without Wi-Fi

5 Feb 2020

The top ten password-cracking techniques used by hackers

10 Feb 2020
Microsoft Windows

Windows 7 bug blocks users from shutting down their PCs

10 Feb 2020

Coronavirus starts to take its toll on the tech industry

6 Feb 2020