On the Pulse: INFORMATION SECURITY RISK IN AMERICAN BUSINESS



Similar documents
DISCOVER, MONITOR AND PROTECT YOUR SENSITIVE INFORMATION Symantec Data Loss Prevention. symantec.com

Managing the Unpredictable Human Element of Cybersecurity

SMALL BUSINESS REPUTATION & THE CYBER RISK

Managing the Ongoing Challenge of Insider Threats

The Future of Network Security Sophos 2012 Network Security Survey

Senaca Shield Presents 10 Top Tip For Small Business Cyber Security

Insights: Data Protection and the Cloud North America

MAXIMUM PROTECTION, MINIMUM DOWNTIME

Perception and knowledge of IT threats: the consumer s point of view

Single-Vendor Security Ecosystems Offer Concrete Benefits Over Point Solutions

KEEPING PATIENT INFORMATION SAFE AND SECURE IN THE CLOUD

Cybersecurity report As technology evolves, new risks drive innovation in cybersecurity

Small businesses: What you need to know about cyber security

The Attacker s Target: The Small Business

2015 VORMETRIC INSIDER THREAT REPORT

Assessing the strength of your security operating model

NCS 330. Information Assurance Policies, Ethics and Disaster Recovery. NYC University Polices and Standards 4/15/15.

Internet threats: steps to security for your small business

WHITE PAPER KEEPING CLIENT AND EMPLOYEE DATA SECURE DRIVES REVENUE AND BUILDS TRUST PROTECTING THE PROTECTOR

DATA BREACH BREAK DOWN LESSONS LEARNED FROM TARGET

This session was presented by Jim Stickley of TraceSecurity on Wednesday, October 23 rd at the Cyber Security Summit.

Financial Implications of Cybercrime Meeting the Information Security Management Challenge in the Cyber-Age

Netskope Cloud Report. Report Highlights. cloud report. Three of the top 10 cloud apps are Storage, and enterprises use an average of 26 such apps

Is Your Company Ready for a Big Data Breach? Sponsored by Experian Data Breach Resolution

The State of Network Security 2013: Attitudes and Opinions An AlgoSec Survey

AVOIDING ONLINE THREATS CYBER SECURITY MYTHS, FACTS, TIPS. ftrsecure.com

How To Protect Your Organization From Insider Threats

Small businesses: What you need to know about cyber security

WHITE PAPER: Cyber Crime and the Critical Need for Endpoint Security

Why Endpoint Backup Is More Critical Than Ever

The 7 Disaster Planning Essentials

How To Protect Your Data From Being Hacked

GLOBAL BUSINESS DIALOGUE ON ELECTRONIC COMMERCE CYBER SECURITY AND CYBER CRIME SEPTEMBER 26, CEO EDS Corporation

The Risks of Cloud Storage

CREATING AN EFFECTIVE SUPPORT PLAN FOR BYOD: A BEST PRACTICE GUIDE

Global Corporate IT Security Risks: 2013

How-To Guide: Cyber Security. Content Provided by

How To Find Out What People Think About Hipaa Compliance

PROTECTING YOUR DIGITAL LIFE

next generation privilege identity management

3 Marketing Security Risks. How to combat the threats to the security of your Marketing Database

WHAT ARE THE BENEFITS OF OUTSOURCING NETWORK SECURITY?

IT Security DO s and DON Ts

CYBER SECURITY STRATEGY AN OVERVIEW

BAE Systems Cyber Security Survey Report

A number of factors contribute to the diminished regard for security:

BEHIND OUR DIGITAL DOORS: CYBERSECURITY & THE CONNECTED HOME. Executive Summary

Transcription:

On the Pulse: INFORMATION SECURITY RISK IN AMERICAN BUSINESS

On The Pulse: INFORMATION SECURITY RISK IN AMERICAN BUSINESS Employees Believe Company and Information is at Risk American businesses need to fortify their protections against information security threats. In a recent flash survey of American office workers, Stroz Friedberg explored the state of information security in U.S. businesses. The reality is rather bleak. More than half of respondents gave corporate America s response to cyber threats a grade C or lower. Nearly three-quarters of respondents expressed concerned that a hacker could break into their employers computer networks and steal their personal information. Worst Offenders in High Risk Electronic Behavior are Senior Managers But many respondents also admitted to engaging in high-risk behaviors, such as uploading work files to their personal email and cloud accounts, and accidentally sending sensitive information to the wrong person. Senior management those who often have high levels of access to valuable company information admitted to partaking in risky behaviors most readily. Personal technology preferences contributed to many of the transgressions. One bright spot is the efficacy of company policy. Workers who said they did not participate in highrisk behaviors cited strict company policy as the reason why. When company information gets into the wrong hands whether it s due to a careless insider, a malicious insider, or a hacker a business can lose the trust of its customers, partners, and investors, as well as its competitive advantages. Knowledge about real-life risks in the workplace and how companies are successfully managing high-risk behaviors can help business leaders better understand how to protect their firms.

Senior Managers are the worst information Security Offenders 87% of senior managers regularly upload work files to a personal email or cloud account 58% have accidentally sent the wrong person sensitive information (vs. only 25% of workers overall) 51% have taken files with them after leaving a job twice as many as office workers in general Senior management generally has more access to valuable information than lower-ranking employees. All three behaviors increase the risk of proprietary information getting into the wrong hands.

PERSONAL TECH PREFERENCES ARE INCREASING INFORMATION SECURITY RISKS NEARLY 3/4 of office workers upload work files to a personal email or cloud account OF THOSE... (the majority) say it s because they prefer using their personal computer 14% say it s because it s too much work to bring their work laptop home OFFICE WORKERS DON T KNOW THE RISKS? 11% of workers who don t send work files through personal accounts are aware of company policies against doing so Only 37% received mobile device security training 42% received information sharing training With the proliferation of bring-your-own-devices (BYOD) in the workplace and the use of personal technologies for work, employees need more training and policies to keep information secure.

Employees Are Worried About the Security of their Personal Information of all office workers are concerned a hacker could steal their personal information such as their Social Security number, birthday or home address 61% Just 6% said they weren t concerned at all think that corporations deserve a C grade or less for cyber security Employees in general don t feel that their own sensitive information is safe in their company s network which isn t surprising considering the overall lack of confidence in corporate America s ability to protect against cyber threats.

Senior leadership rate themselves Poorly in cyber security 45% say that they themselves are responsible for protecting companies against cyber attack yet 52% of senior leadership give corporate America s response to cyber threats a grade of C or lower Fortunately for them, others think cyber security responsibilities fall elsewhere 54% of lower-ranking employees say that it s IT s problem the reality is, the responsibility for information security falls on everyone across an organization, but companies that do it most effectively have security ingrained in their culture, starting from the top.

On The Pulse: INFORMATION SECURITY RISK IN AMERICAN BUSINESS Methodology This Stroz Friedberg report was conducted by KRC Research. Between the dates of October 28, 2013, and November 4, 2013, KRC Research administered an online survey to 764 information workers in the United States who use a computer for their jobs and work for companies with more than 20 employees. The proportion of respondents who work for small, medium, and large businesses match those of the U.S. Census Bureau in order to produce a realistic picture of American business. Senior Managers refer to titles above Vice President; Managers refer to Directors and Vice Presidents; others incorporates all other workers fitting the methodology profile. All results are represented by percentages. Percentages may not total 100% due to rounding.

strozfriedberg.com 2013 by Stroz Friedberg. All rights reserved.