Today's News

Survey: Insider carelessness cause of most security threats (12/11)

A new survey indicates that the biggest workplace cyber threats are often unintentional, resulting from carelessness or ignorance from individuals within the organization or company.

"The plain fact of the matter is, a simple thing that we might not be aware of can expose risk," said Sam Curry, vice president of product management and marketing at Bedford, Mass.-based RSA, the security division of EMC Corp. that released the survey Monday. "In some cases, the bad guys are looking for those. There are certain social human behaviors that the bad guy can watch for and exploit."

The "person on the street" survey, conducted in November, anonymously polled government and enterprise workers in Boston and Washington D.C. in an effort to assess everyday behavior that had the potential to compromise security and put sensitive information at risk. While seemingly harmless or well-intended, these behaviors can subsequently initiate data exposure of extraordinary proportions, resulting in enormous financial loss.

"The real assets are data assets. It's all about information. Really what we've got to do is minimize risk around information," said Curry. "The bad guys are into fraud. They're very well funded, and they are extremely motivated to make money. You can reduce a lot of risk by taking away the innocent mistakes."

Some of these innocent mistakes are committed by individuals who circumvent security regulations just to get their jobs done. While the survey found that most companies provide training on security best practices, about 35 percent of respondents felt that they needed to work around their company's established security policies just to complete their job-related duties. In addition, 63 percent of respondents said that they frequently or sometimes sent work documents to their personal email address so they could complete their tasks at home, and more than half said that they have accessed their work email from a public computer.

Changing insider roles also played a large part in compromising security. An overwhelming majority — 72 percent — reported that their company or organization employs temporary workers or contractors who require access to sensitive information and systems. Almost a quarter of respondents polled said they stumbled into an area of their corporate network to which they should not have had access, and 33 percent said they still had access to old accounts or resources after switching jobs internally.

At other times, trusting workers literally hold the door wide open for perpetrators. More than a third of respondents said they have opened a secured door for someone they didn't recognize at work, while 40 percent of workers said that someone else they didn't know let them into their building after they had forgotten their access card or key. And of the two-thirds of respondents that said their company provides a wireless network, 19 percent said that access was completely open, with no login credentials required.

Did you enjoy this article? Click here to subscribe to ISHN.

You must login or register in order to post a comment.



Image Galleries

Scenes from the World of Safety

Sights, signs & symbols from the National Safety Congress & Expo held in San Diego, CA, September 15-18

4/21/15 2:00 pm EDT

The Safety Selfie: It’s time to take a “snap shot” of your safety program and contemplate what others see

We all know perception is reality and that people perceive things differently. As a safety manager, your perception of your safety program almost certainly differs from that of your workers and your managers. We will use our “Safety Selfies” to expose weaknesses, real and perceived, and to talk about how best to make improvements.

ISHN Magazine


2015 May

In this month's issue of ISHN, check out articles about heat protection, radiation in the workplace, and welding fumes

Table Of Contents Subscribe


M:\General Shared\__AEC Store Katie Z\AEC Store\Images\ISHN\safetyfourth.jpg
Safety Engineering, 4th Edition

A practical, solutions-driven reference, Safety Engineering, 4th edition, has been completely revised and updated to reflect many of today’s issues in safety.

More Products

For Distributors Only - May 2015

ISHN FDO May 2015


For Distributors Only is ISHN's niche brand standard-sized magazine supplement aimed at an audience of 2,000 U.S. distributors that sell safety products. Circulation only goes to distributors. 



Facebook logo Twitter YouTubeLinkedIn Google + icon

ishn infographics

2012 US workplace deathsCheck out ISHN's new Infographic page! Learn more about worker safety through these interactive images. CLICK HERE to view the page.