The results underscore the “it won’t happen to us” mentality that many organizations have today.
Who should be in charge of IT security within an organization? Who are the biggest IT security offenders?
The survey results may surprise you.
The first study, conducted by forensics and risk management firm, Stroz Friedber, found that “nearly three-quarters of respondents expressed concern that a hacker could break into their employers’ computer networks and steal their personal information.”
However, the survey results showed a somewhat lax attitude toward keeping information safe and private within the organization.
- 87% of senior managers regularly upload work files to personal email or cloud accounts
- 58% of senior managers have accidentally sent the wrong person sensitive information (vs. only 25% of workers overall)
- 51% of senior managers have taken files with them after leaving a job – twice as many as office workers in general
- 60% of those questioned gave their firm a “C” grade or less for cyber security
- 54% of lower-ranking employees said that it was IT’s problem to keep the network safe
Another study by Osterman Research found that employees bringing malware into the company network is a serious concern. The study reported that 74% of respondents said that their company network had been penetrated by malware introduced by surfing the Internet in the last 12 months.
To piggyback the Oseterman study, SecureData’s study showed that 60% of IT professionals said the biggest risk to their company’s security was employee carelessness.
The report also found:
- 40% of respondents felt that educating employees was the most important step to improving security
- 25% said that implementing a clear security management policy was their weakest area
- 44% said that the ultimate responsibility for security decision-making is left in the hands of more junior IT managers, rather than C-level staff or department heads
Maybe there isn’t one right answer or one main keeper of IT security. All employees should be diligent and take responsibility for their online habits and strictly follow a company’s IT security rules.
“The reality is, the responsibility for information security falls on everyone across an organization, but companies that do it most effectively have security ingrained in their culture, starting from the top,” said the Stroz Friedber survey.
If your company’s IT team is overloaded, it may be helpful to enlist the services of an outsourced IT manager. A third-party won’t replace your team, instead they can come in and look for weaknesses and help strengthen the entire company from the inside out.
Think about it, how many security breaches can your company handle before it is officially out of the game?
Photo Credit: e-discovery 2.0