Are you considering IT security threats from within?
In the wake of the TalkTalk hacking scandal, cyber security should be at front of mind for organisations of all sizes. But while IT departments often focus on ensuring their systems are protected against external attacks, they may be overlooking even bigger threats from their own employees or contractors.
New research from identity management firm Centrify reveals that a worryingly high proportion of IT professionals would be tempted to go rogue if the price was right – and even more concerningly, that price is relatively low. Of more than 400 IT decision makers surveyed, 14 per cent of those from the UK and 28 per cent of US respondents said they would be tempted to become a hacker for $2,000 (£1,300) or less.
When the survey participants were asked to identify the brands or organisations they would most like to hack into without fear of repercussion, the most popular answers were:
- The White House
- David Cameron’s private email
- Apple
- Bill Gates
- My bank
- Walmart
- Papa John’s Pizza
The survey also highlighted that while companies are all too aware of the threat posed by hackers, they often fall short when it comes to actually discussing their online security measures with staff.
In the US, 24 per cent of respondents said they hear more about office happy hours than they do about security, while office birthdays (22 per cent) and kitchen etiquette (18 per cent) were also discussed more frequently. For the UK, these figures stood at 17 per cent, 18 per cent and 17 per cent respectively.
Clearly, hackers are a significant threat to businesses – after all, the attack on TalkTalk is estimated to have cost the communications giant up to £35 million in one-off costs. However, in light of Centrify’s study, it appears that a failure to fully understand – and attempt to prevent – the effects of cyber crime is just as dangerous.
Bill Mann, chief product officer at Centrify, said the technology to stop cyber criminals in their tracks exists, but the will to actually put this into practice often does not.
“Many companies do not make this realisation until their names get splashed across headlines,” he claimed.
“Even if a company is not famous, one data leak can bring an entire business to a permanent halt. Furthermore, now that today’s corporate perimeter has nothing to do with physical headquarters and contains data that resides in the cloud and on the numerous devices used in the field, it’s our hope that parts one and two of the Centrify State of the Corporate Perimeter survey convince IT decision makers to take steps now to secure their assets before hackers find holes and exploit them.”
Our 2015 Mid-Year Report combines a review of the prevailing conditions in the security recruitment market with the results of a comprehensive compensation survey, covering both permanent and contract security practitioners.