The report, titled 'From Brutus to Snowden: a study of insider threat personas', is based on a study of 1000 US and 1000 UK desk-based workers, delving into how perceptions, attitudes and behaviour with regards to security in the workplace differ across demographics, job roles and industries. It reveals that while the majority of people (54%) believe themselves to be considerate of the security of work-related information, many lack the education or understanding to act accordingly. This became apparent in a number of key findings, including:
- Less than a third of people (28%) would know who to report a security breach to in their organisation
- Nearly a quarter (23%) of people have shared their password with one or more of their colleagues, with a further 10% having shared theirs with a manager
- Password sharing is increasing, with 22% agreeing that they share their work logins more frequently now than they did two years ago, with those in marketing (33%), sales (30%) and IT (27%) being the most likely culprits
Age defining attitudes
The report shows a huge difference in security attitudes between younger and older generations, with those in age groups 16 to 24 and 25 to 34 being far more likely to share work logins (35% and 32% respectively) than those of over 35 (15%).
How to alter behaviour
The study also found that the strongest incentive for preventing users sharing passwords is if someone else using your login restricts your own access, cited by 29% as the most likely measure to stop them. This was found to be a particularly effective measure for those younger generations (37% of those aged 16 to 24 and 36% aged 25 to 34).
Franois Amigorena, CEO of IS Decisions, commented: "Insider threat does not have to be a total unknown. One of the most important steps towards tackling internal security is understanding your own users, and their attitudes and behavior, in order to know the risks and mitigate against them
"What we've found as a recurring theme is lack of education, though manifesting itself wildly differently, with differences between generations, an interesting trend for what appears to be wilful flouting of policy in some regulated industries and a 'do as I say, not as I do' attitude from many in senior management. This breadth of different attitudes highlights the need for a tailored approach to tackling internal security, that addresses everyone in an organisation, from top to bottom."
Download 'From Brutus to Snowden: a study of insider threat personas'.
About IS Decisions
IS Decisions makes it easy to safeguard and secure your Microsoft Windows and Active Directory infrastructure. With solutions for user access control, file auditing, server and desktop reporting, and remote installations, IS Decisions combines the powerful security today's business world mandates with the innovative simplicity the modern user expects. Over 3,000 customers around the world rely on IS Decisions to prevent security breaches; ensure compliance with major regulations, such as SOX, FISMA and HIPAA; quickly respond to IT emergencies; and gain time and cost-savings for IT.
IS Decisions is a Microsoft Silver Partner based in Biarritz,
+ 44 208 408 8000+ 44 208 408 8000CallSend SMSAdd to SkypeYou'll need Skype CreditFree via
Most Popular Stories
- Pandora Tumbles in Late Trading
- Stop-Start Engines Save Gas, Reduce Emissions
- Sporty Ford Fiesta Fires on All 3 Cylinders
- World Tensions Don't Curb Enthusiasm for Stocks
- Ohio State Band Chief Fired After Probe
- Shia LaBeouf Plea Deal, Alcoholism Treatment
- Visa, Amazon Results Drag Down the Street
- U.K. Economy Surpasses Pre-Crisis Peak
- Russia Fears Lasting Damage From Ukraine Crisis
- Hispanic Leader Goes the Extra Mile