One-Third Of IT Staff Are Hackers

Uploaded on 2016-03-01 in BUSINESS-Services-IT & Telecoms, FREE TO VIEW, NEWS-Cybersecurity News

About a third of IT staff have hacked an organization, sometimes the one they work for.

A report from Absolute Software shows a real “physician heal thyself” situation going on: A high percentage of IT personnel admitted to not following the same security protocols they are expected to enforce. Of those surveyed, 33% of respondents admitted to successfully hacking their own or another organization. The report also showed that 45% admitted to knowingly circumventing their own security policies.

“Given that IT is the security gatekeeper for an organization, it was alarming to see such high incidents of non-compliant behavior by IT personnel,” said Stephen Midgley, vice president, Global Marketing, Absolute. “Even if these actions are being performed to validate existing infrastructure, senior leadership should be aware that this activity is occurring. It may also be worthwhile to consider third-party audits to ensure adherence with corporate security policies.”

The report found that security remains at the top of the IT spending list, with 87% of respondents expecting increased investment in security this year.

Despite prioritizing security and increasing budgets, IT managers believe that employees or insiders represent the greatest security risk to an organization (46%). This may be related to the fact that on average 33% of security protocols are not being followed, by employees. It may also explain the high number of security breaches, with 38% of respondents experiencing a data breach within the past year.

IT decision makers also bear the brunt of responsibility. Of those surveyed, 78% believe IT managers are primarily responsible for the organization’s security. The report also showed that 65% of IT decision makers believe they would likely lose their job in the event of a security breach.

"Despite marked improvements, businesses are still very susceptible to attack,” added Midgley. “The gaps in current data breach response plans and in upholding general best practice policies must be addressed.”

The age of the IT respondents also impacted the results, with younger professionals demonstrating a more optimistic and confident outlook for IT security. But, they were also most likely to hack their own organization: 41% of IT professionals aged 18-44 would, vs. just 12% of IT professionals aged 45+ that would.

Infosecurity Magazine: http://bit.ly/1PW8G1S

« Belgian Government Plagued By Hackers
Cybercrime: Is the Sky Really Falling? »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Defense Advanced Research Projects Agency (DARPA)

Defense Advanced Research Projects Agency (DARPA)

DARPA's mission is to develop breakthrough technologies for national security. The Information Innovation Office undertakes cyber security activities.

Norton Rose Fulbright

Norton Rose Fulbright

Norton Rose Fulbright is a global business law firm. Practice areas include Data protection, Privacy and Cybersecurity.

Australian Cyber Security Centre (ACSC)

Australian Cyber Security Centre (ACSC)

The Australian Cyber Security Centre (ACSC) brings cyber security capabilities from across the Australian Government together into a single location.

SecurePay

SecurePay

SecurePay is Australia's premier payment gateway, with a range of secure online payment solutions for online retailers, SMEs and enterprise businesses.

Center for Long-Term Cybersecurity (CLTC)

Center for Long-Term Cybersecurity (CLTC)

The Center for Long-Term Cybersecurity is developing and shaping cybersecurity research and practice based on a long-term vision of the internet and its future.

H3C Group

H3C Group

H3C provides a full range of Computer, Storage, Networking and Security solutions.

Very Good Security (VGS)

Very Good Security (VGS)

VGS is the modern approach to data security. Our SaaS solution gives you all the benefits of interacting with sensitive and regulated data without the liability of securing it.

Department of Justice - Computer Crime and Intellectual Property Section (CCIPS)

Department of Justice - Computer Crime and Intellectual Property Section (CCIPS)

The Computer Crime and Intellectual Property Section (CCIPS) is responsible for implementing the Department's national strategies in combating computer and intellectual property crimes worldwide.

Ntirety

Ntirety

Ntirety Managed Security Services offer enterprise businesses the advanced tools, processes, and support to ensure your infrastructure, networks, and mission-critical applications are secure.

Labs/02

Labs/02

Labs/02 is a seed-stage incubator with a mission to advance cutting-edge technology in innovative areas including AI, deep learning, autonomous transportation, and smart cities.

IP2Location

IP2Location

IP2Location provide services to identify geolocation by IP address, and to detect IP addresses associated with anonymous proxy servers, which are often used for fraud and spamming purposes.

TechDemocracy

TechDemocracy

TechDemocracy are a trusted, global cyber risk assurance solutions provider whose DNA is rooted in cyber advisory, managed and implementation services.

Enso Security

Enso Security

Enso is the first Application Security Posture Management (ASPM) solution, helping security teams everywhere eliminate their AppSec chaos with application discovery, classification and management.

Melius Cyber Security

Melius Cyber Security

Melius Cyber Security has developed a world-leading SaaS platform, Cyber Safe Plus, built around continuous assessment and improvement through vulnerability scanning and penetration testing

Inroad Technologies

Inroad Technologies

Inroad Technologies provide IT services that help keep your business computers, servers and networks secure and trouble-free.

Synersoft BLACKbox

Synersoft BLACKbox

Synersoft, the maker of path-breaking and disruptive technology for SMEs, now branded as BLACKbox, is an incubated and invested portfolio company of CIIE - IIM-Ahmedabad.