In our report, IT Confidential: The State of Security Confidence, we uncovered some surprising truths about the Insider Threat. In particular, our report revealed that those tasked with protecting data, the “gatekeepers,” were often responsible for putting it at risk. The question, then, is Why are the IT ‘gatekeepers’ becoming ‘gatecrashers’?
It has been acknowledged that employees are often the biggest threat to data security, responsibly for most data breaches, and our survey confirmed that 46% of IT and security pros believe employees represent the greatest security risk to their organization. Most of these breaches are not malicious, but the result of mistakes and negligence, often when employees view IT as an impediment to their productivity. What our survey revealed, however, is how these same IT pros are engaging in behaviors they condemn in non-IT employees.
In an attempt to answer that question, TechNewsWorld interviewed their own panel of experts, coming up with some ideas:
- IT and security pros circumvent security policies for the same reason as every other employee: for convenience and productivity, suggest Kunal Rupani of Accession
- IT and security pros are seeking the fastest path to get the job done, so well-meaning technologies such as token authentication systems – which can take up to an hour a day logging in and out – are often bypassed, suggests Tom Clare of Gurucul
- Arrogance and impatience and a belief of “invincibility” within IT and C-level may lead to irresponsible behavior, suggests Pierluigi Stella of Network Box USA
- Suggesting a more optimistic view, we suggested a portion of the results may be attributable to penetration testing
For more insights into the state of security confidence, read our full report.