One-Third Of IT Staff Are Hackers

About a third of IT staff have hacked an organization, sometimes the one they work for.

A report from Absolute Software shows a real “physician heal thyself” situation going on: A high percentage of IT personnel admitted to not following the same security protocols they are expected to enforce. Of those surveyed, 33% of respondents admitted to successfully hacking their own or another organization. The report also showed that 45% admitted to knowingly circumventing their own security policies.

“Given that IT is the security gatekeeper for an organization, it was alarming to see such high incidents of non-compliant behavior by IT personnel,” said Stephen Midgley, vice president, Global Marketing, Absolute. “Even if these actions are being performed to validate existing infrastructure, senior leadership should be aware that this activity is occurring. It may also be worthwhile to consider third-party audits to ensure adherence with corporate security policies.”

The report found that security remains at the top of the IT spending list, with 87% of respondents expecting increased investment in security this year.

Despite prioritizing security and increasing budgets, IT managers believe that employees or insiders represent the greatest security risk to an organization (46%). This may be related to the fact that on average 33% of security protocols are not being followed, by employees. It may also explain the high number of security breaches, with 38% of respondents experiencing a data breach within the past year.

IT decision makers also bear the brunt of responsibility. Of those surveyed, 78% believe IT managers are primarily responsible for the organization’s security. The report also showed that 65% of IT decision makers believe they would likely lose their job in the event of a security breach.

"Despite marked improvements, businesses are still very susceptible to attack,” added Midgley. “The gaps in current data breach response plans and in upholding general best practice policies must be addressed.”

The age of the IT respondents also impacted the results, with younger professionals demonstrating a more optimistic and confident outlook for IT security. But, they were also most likely to hack their own organization: 41% of IT professionals aged 18-44 would, vs. just 12% of IT professionals aged 45+ that would.

Infosecurity Magazine: http://bit.ly/1PW8G1S

« Belgian Government Plagued By Hackers
Cybercrime: Is the Sky Really Falling? »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Satisnet

Satisnet

Satisnet is a leading Security Reseller, Managed Security Services Provider (MSSP) and Cyber Training Innovator, with operations throughout the UK, EMEA and United States.

Endace

Endace

Endace is a leader in network visibility, network recording and packet capture solutions for security, network and application performance monitoring.

Portnox

Portnox

In 2007, Portnox set out to create one of the world’s easiest to use, most loved, value-driven network security solutions — and our customers will tell you we’ve succeeded.

Lloyd's

Lloyd's

As an insurance market, Lloyd’s can provide access to more than 65 expert cyber risk insurers in one place.

Hack in the Box Security Conference (HitBSecConf)

Hack in the Box Security Conference (HitBSecConf)

HITBSecConf is a platform for the discussion and dissemination of next generation computer security issues. Our events feature two days of training and a two-day multi-track conference

Cyber Data-Risk Managers

Cyber Data-Risk Managers

Cyber Data-Risk Managers Pty Ltd is an insurance broker based in Melbourne, Australia specializing in Cyber insurance / Data breach insurance.

Identillect Technologies

Identillect Technologies

Identillect Technologies provide a user-friendly secure email solution to protect critical information, with an emphasis on simplicity.

Dark Cubed

Dark Cubed

Dark Cubed is an easy-to-use cyber security software as a service (SaaS) platform that deploys instantly and delivers enterprise-grade threat identification and protection at a fraction of the cost.

Global Cyber Alliance (GCA)

Global Cyber Alliance (GCA)

Global Cyber Alliance is an international, cross-sector effort dedicated to eradicating cyber risk and improving our connected world.

HSB

HSB

HSB offers insurance for equipment breakdown, cyber risk, data breach, identity recovery & employment practices liability.

PurpleSynapz

PurpleSynapz

PurpleSynapz provides hyper-realistic Cyber Security Training with a modern curriculum and Cyber Range.

Rocheston

Rocheston

Rocheston is an innovation company with cutting-edge research and development in emerging technologies such as Cybersecurity, Internet of Things, Big Data and automation.

Vortiv

Vortiv

Vortiv Ltd (formerly known as Transaction Solutions International Ltd) is a technology based company focused on the cybersecurity and the cloud services sector.

Blue Cedar

Blue Cedar

Blue Cedar's mobile app security integration platform secures and accelerates mobile app deployment for enterprises and government organizations around the world.

Eureka Security

Eureka Security

Eureka help organizations securely use any cloud data storage technology they need without having to compromise on security.

Esprinet

Esprinet

The Esprinet Group is an enabler of the technology ecosystem: a team of people who promote access to technology through an extensive network of professional resellers.