Monday, October 27

More Insider Threat Data

RSA recently released their latest data on insider security.

Some interesting results:

53% of respondents feel they NEED to work around security policies to get their jobs done.

37% of respondents have stumbled into areas of the network to which they SHOULDN'T have access.

50% of U.S. respondents switched roles and still had access to UNNECESSARY accounts/resources.

And that's even though most respondents understand security policies and have been given training about the importance of following security practices.

The last time I wrote about an RSA survey pointing out that employees feel they NEED to work around security controls to get their jobs done, the number was at 35%. So, it's either gotten worse or it varies from crowd to crowd (likely the latter).

Get the full survey report here

2 comments:

ax0n said...

It definitely varies from crowd to crowd, and I'd wager a guess that many people don't even realize they are working around security policy to get their jobs done. Either they've intuitively figured out a way around DLP restrictions, or the enforcement mechanisms aren't working properly.

Regardless, data loss is largely a human problem, and pointing fingers at software failures is a good way to end up in a wild goose chase of symptoms without ever addressing the real issue.

A friend of mine, Michael Santarcangelo, II, recently wrote a short and insightful book called Into The Breach: Protect your business by managing people, information and risk. I got a few preview copies (and will soon get a re-distributable e-book version). I'd be more than happy to send you a copy. It's a good read, even if you don't agree with the strategy that Michael presents.

Matt Flynn said...

Thanks for the comment ax0n! I agree that many policy breaches happen without people even knowing that they're doing something wrong. Let me know about the book - I'd like to take a look.