Some interesting results:
And that's with most respondents understanding security policies and having been given training about the importance of following security practices.
53% of respondents feel they NEED to work around security policies to get their jobs done.
37% of respondents have stumbled into areas of the network to which they SHOULDN'T have access.
50% of U.S. respondents switched roles and still had access to UNNECESSARY accounts/resources.
The last time I wrote about an RSA survey pointing out that employees feel they NEED to work around security controls to get their jobs done, the number was at 35%. So, it's either gotten worse or it varies from crowd to crowd (likely the latter).
Get the full survey report here