Information security risk in American business

12. 02. 2014 | Komentáre čitateľov [0]

A study conducted by Osterman Research discovered that many IT admins are concerned about the potential threat introduced by user behavior. The risk of employees introducing malware to the company network was cited as a major concern by more than half of those surveyed. Nearly three-fourths stated that their network has been penetrated by malware as a result of Web surfing, and almost two-thirds declared that they had been compromised through email, just in the past year.

Often, however, the risky behavior is really just a side effect of attempts to work more efficiently. For example, users upload files to consumer-oriented services like Dropbox so they can continue working on them from home, or know that they’ll have access to important data while visiting a client site. One study found that 87 percent of executives send company data or emails to personal cloud accounts so they can work from home or on the road. A shocking 58 percent admit that they have accidentally sent sensitive data to the wrong destination. The organization can minimize the risk of sensitive data being exposed or compromised by providing users with a comparable solution that is more secure.

American businesses need to fortify their protections against information security threats. The reality is rather bleak. More than half of respondents gave corporate America’s response to cyber threats a grade C or lower. Nearly three-quarters of respondents expressed concerned that a hacker could break into their employers’ computer networks and steal their personal information.

But many respondents also admitted to engaging in high-risk behaviors, such as uploading work files to their personal email and cloud accounts, and accidentally sending sensitive information to the wrong person. Senior management—those who often have high levels of access to valuable company information—admitted to partaking in risky behaviors most readily. Personal technology preferences contributed to many of the transgressions. One bright spot is the efficacy of company policy. Workers who said they did not participate in highrisk behaviors cited strict company policy as the reason why.

When company information gets into the wrong hands—whether it’s due to a careless insider, a malicious insider, or a hacker—a business can lose the trust of its customers, partners, and investors, as well as its competitive advantages. Knowledge about real-life risks in the workplace and how companies are successfully managing high-risk behaviors can help business leaders better understand how to protect their firms.


 

<div data-configid="2664486/6699689" style="width: 525px; height: 679px;" class="issuuembed"></div><script type="text/javascript" src="//e.issuu.com/embed.js" async="true"></script>

 

Napísať komentár




IT právo prakticky: GDPR po roku & zmluvné vzťahy v IT

17.septembra 2019, Bratislava

  • Blok GDPR po roku v praxi, čo priniesla európska norma, aké otázky ostali zatiaľ otvorené
  • Zmluvy a zmluvné vzťahy v