One-Third Of IT Staff Are Hackers

About a third of IT staff have hacked an organization, sometimes the one they work for.

A report from Absolute Software shows a real “physician heal thyself” situation going on: A high percentage of IT personnel admitted to not following the same security protocols they are expected to enforce. Of those surveyed, 33% of respondents admitted to successfully hacking their own or another organization. The report also showed that 45% admitted to knowingly circumventing their own security policies.

“Given that IT is the security gatekeeper for an organization, it was alarming to see such high incidents of non-compliant behavior by IT personnel,” said Stephen Midgley, vice president, Global Marketing, Absolute. “Even if these actions are being performed to validate existing infrastructure, senior leadership should be aware that this activity is occurring. It may also be worthwhile to consider third-party audits to ensure adherence with corporate security policies.”

The report found that security remains at the top of the IT spending list, with 87% of respondents expecting increased investment in security this year.

Despite prioritizing security and increasing budgets, IT managers believe that employees or insiders represent the greatest security risk to an organization (46%). This may be related to the fact that on average 33% of security protocols are not being followed, by employees. It may also explain the high number of security breaches, with 38% of respondents experiencing a data breach within the past year.

IT decision makers also bear the brunt of responsibility. Of those surveyed, 78% believe IT managers are primarily responsible for the organization’s security. The report also showed that 65% of IT decision makers believe they would likely lose their job in the event of a security breach.

"Despite marked improvements, businesses are still very susceptible to attack,” added Midgley. “The gaps in current data breach response plans and in upholding general best practice policies must be addressed.”

The age of the IT respondents also impacted the results, with younger professionals demonstrating a more optimistic and confident outlook for IT security. But, they were also most likely to hack their own organization: 41% of IT professionals aged 18-44 would, vs. just 12% of IT professionals aged 45+ that would.

Infosecurity Magazine: http://bit.ly/1PW8G1S

« Belgian Government Plagued By Hackers
Cybercrime: Is the Sky Really Falling? »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Swiss Re

Swiss Re

Swiss Re Group is a leading wholesale provider of reinsurance, insurance and other insurance-based forms of risk transfer including cyber risk.

SecurityHQ

SecurityHQ

SecurityHQ (formerly known as Si Consult) is a Global Managed Security Service Provider (MSSP) that monitors networks 24/7, to ensure complete visibility and protection against your cyber threats.

Cybint Solutions

Cybint Solutions

Cybint provides customized cyber education and training solutions for Higher Education, Companies and Government.

SecureAppbox

SecureAppbox

SecureAppbox provide solutions that protects the communication of sensitive data as well as advice on data security and compliance with GDPR.

SWAT Systems

SWAT Systems

SWAT Systems is an IT support and cyber security managed service provider.

InfoExpress

InfoExpress

InfoExpress provides network security solutions that enhance productivity and security through better visibility, improved security, and automating device and mobile access to the network.

DeepView

DeepView

DeepView delivers a unified platform for managing risk on digital platforms. One interactive secure portal allowing employees to engage their networks securely and compliantly.

Kinnami Software

Kinnami Software

Kinnami is a data security company that equips organizations with the tools they need to secure and protect highly confidential documents and data.

Snowflake

Snowflake

Empower your cybersecurity and compliance teams with Snowflake. Gain full visibility into security logs, at massive scale, while reducing costs of Security Information and Event Management systems.

Kiberna

Kiberna

Kiberna are a small but niche company specialising in data driven security to manage your cyber risks.

Suresecure

Suresecure

Suresecure are a specialised consulting company providing Strategic IT security consulting, Managed Security Services, and Incident Response Management.

HORNE

HORNE

HORNE is a professional services firm supporting clients in public, private & government sectors nationwide.

Schneider Downs

Schneider Downs

Schneider Downs & Co. provides accounting, tax and business advisory services through innovative thought leaders who deliver their expertise to meet the individual needs of each client.

Ipseity Security

Ipseity Security

Ipseity Security provide security-centric advisory and consulting services for organizations to secure their perimeter-less digital transformation to meet business and security requirements.

Cyber Qubits

Cyber Qubits

Cyber Qubits is a cybersecurity training and consulting company focused on developing the next generation of cybersecurity professionals.

Sword Group

Sword Group

Sword is a leader in data insights, digital transformation and technology services with a substantial reputation in complex IT, business projects and mission critical operations.