Despite the fact that the previously discussed Verizon report shows no jump on insider attacks, a new report from Cyber-Ark shows that IT personnel admit to accessing information on a system not relevant to their role or had used administrative passwords to access confidential or sensitive information.
The 2011 Snooping Survey, conducted with 1,422 IT staff and C-level professionals across North America and EMEA, may indicate that there are many eyes looking at data that they shouldn’t be – although this doesn’t yet indicate a breach, of course.
However, a troubling figure indicates that data security may be at risk. 40% of IT personnel and 47% of C-level personnel believe they can get around controls that have been put in place to monitor user / privileged data access. It’s clear that this is a red flag in data security that companies should be addressing.
“Privileged accounts are the key tool that external attackers and insiders leverage to access and exfiltrate an organization’s sensitive information. While the survey shows a greater awareness around protecting these targets from attacks from any vector, it’s concerning that nearly 1 in 5 of C-level respondent believe that their corporations sensitive information may be being used against them in the market.”
Hat tip to Network World