Monday, October 27

More Insider Threat Data

RSA recently released their latest data on insider security.

Some interesting results:

53% of respondents feel they NEED to work around security policies to get their jobs done.

37% of respondents have stumbled into areas of the network to which they SHOULDN'T have access.

50% of U.S. respondents switched roles and still had access to UNNECESSARY accounts/resources.

And that's with most respondents understanding security policies and having been given training about the importance of following security practices.

The last time I wrote about an RSA survey pointing out that employees feel they NEED to work around security controls to get their jobs done, the number was at 35%. So, it's either gotten worse or it varies from crowd to crowd (likely the latter).

Get the full survey report here


Anonymous said...

It definitely varies from crowd to crowd, and I'd wager a guess that many people don't even realize they are working around security policy to get their jobs done. Either they've intuitively figured out a way around DLP restrictions, or the enforcement mechanisms aren't working properly.

Regardless, data loss is largely a human problem, and pointing fingers at software failures is a good way to end up in a wild goose chase of symptoms without ever addressing the real issue.

A friend of mine, Michael Santarcangelo, II, recently wrote a short and insightful book called Into The Breach: Protect your business by managing people, information and risk. I got a few preview copies (and will soon get a re-distributable e-book version). I'd be more than happy to send you a copy. It's a good read, even if you don't agree with the strategy that Michael presents.

Matt Flynn said...

Thanks for the comment, ax0n! I agree that many policy breaches happen without people even knowing that they're doing something wrong. Let me know about the book - I'd like to take a look.