Today's News

Survey: Insider carelessness cause of most security threats (12/11)

A new survey indicates that the biggest workplace cyber threats are often unintentional, resulting from carelessness or ignorance from individuals within the organization or company.

"The plain fact of the matter is, a simple thing that we might not be aware of can expose risk," said Sam Curry, vice president of product management and marketing at Bedford, Mass.-based RSA, the security division of EMC Corp. that released the survey Monday. "In some cases, the bad guys are looking for those. There are certain social human behaviors that the bad guy can watch for and exploit."

The "person on the street" survey, conducted in November, anonymously polled government and enterprise workers in Boston and Washington D.C. in an effort to assess everyday behavior that had the potential to compromise security and put sensitive information at risk. While seemingly harmless or well-intended, these behaviors can subsequently initiate data exposure of extraordinary proportions, resulting in enormous financial loss.

"The real assets are data assets. It's all about information. Really what we've got to do is minimize risk around information," said Curry. "The bad guys are into fraud. They're very well funded, and they are extremely motivated to make money. You can reduce a lot of risk by taking away the innocent mistakes."

Some of these innocent mistakes are committed by individuals who circumvent security regulations just to get their jobs done. While the survey found that most companies provide training on security best practices, about 35 percent of respondents felt that they needed to work around their company's established security policies just to complete their job-related duties. In addition, 63 percent of respondents said that they frequently or sometimes sent work documents to their personal email address so they could complete their tasks at home, and more than half said that they have accessed their work email from a public computer.

Changing insider roles also played a large part in compromising security. An overwhelming majority — 72 percent — reported that their company or organization employs temporary workers or contractors who require access to sensitive information and systems. Almost a quarter of respondents polled said they stumbled into an area of their corporate network to which they should not have had access, and 33 percent said they still had access to old accounts or resources after switching jobs internally.

At other times, trusting workers literally hold the door wide open for perpetrators. More than a third of respondents said they have opened a secured door for someone they didn't recognize at work, while 40 percent of workers said that someone else they didn't know let them into their building after they had forgotten their access card or key. And of the two-thirds of respondents that said their company provides a wireless network, 19 percent said that access was completely open, with no login credentials required.

Did you enjoy this article? Click here to subscribe to ISHN.

You must login or register in order to post a comment.



Image Galleries

Scenes from the World of Safety

Sights, signs & symbols from the National Safety Congress & Expo held in San Diego, CA, September 15-18

4/14/15 2:00 pm EDT

RISK-BASED SAFETY MANAGEMENT SYSTEM: Key Components for Applying Risk Tools to EHS Efforts

Join us for this webinar as we discuss how you can make effective use of risk analysis and risk management technology to guide efforts within your organization. We will distinguish between risk analysis and risk management; and identify some of the software tools that will help proactively identify, document, mitigate, and prevent high-risk events. You will learn how to improve compliance, reduce risk, and cut costs in your organization using these automated tools.

ISHN Magazine


2015 April

Check out ISHN's April issue, which features content about lockout-tagout, heat stress, hearing protection and more!

Table Of Contents Subscribe


M:\General Shared\__AEC Store Katie Z\AEC Store\Images\ISHN\safetyfourth.jpg
Safety Engineering, 4th Edition

A practical, solutions-driven reference, Safety Engineering, 4th edition, has been completely revised and updated to reflect many of today’s issues in safety.

More Products

For Distributors Only - January 2015



For Distributors Only is ISHN's niche brand standard-sized magazine supplement aimed at an audience of 2,000 U.S. distributors that sell safety products. Circulation only goes to distributors. 



Facebook logo Twitter YouTubeLinkedIn Google + icon

ishn infographics

2012 US workplace deathsCheck out ISHN's new Infographic page! Learn more about worker safety through these interactive images. CLICK HERE to view the page.