Following the new research findings from tech consultancy firm CEB, which note that 90+% of employees violate breach prevention policies, IT security experts from Synopsys Software Integrity Group and Balabit commented below.
Mike Ahmadi, CISSP, Global Director – Critical Systems Security at Synopsys Software Integrity Group:
“I do not find it surprising that employees violate data breach policies, because I have indeed been in the same situation. In one case the IT department simply did not have any failure mode in place to compensate for instances where the policies caused a halt in workflow, due to any of a number of reasons. I was still expected to get the job done, and the lower level IT support staff would often suggest the workaround. Most employees do not want to willingly violate these policies, in my experience, but the business world penalizes lost productivity and does not reward employees who use the excuse “I was following the data loss policy guidelines. Unless usability remains stable and workflow is not hindered, employees at all levels will violate these policies.”
Zoltán Györkő, CEO at Balabit:
“With each new data point that demonstrates employees’ willingness to forgo information security in favor of convenience, one fact becomes increasingly clear: organizations have a long way to go in order to balance security and business.” said “Today’s findings demonstrate the need for enterprises to recognize this fact and prepare accordingly for real time monitoring to prevent data leaks by both intruders and insiders.
“Today’s results are especially discouraging. A similar 2015 survey conducted by Balabit showed a full 69% of employees as being willing to bypass security for expediency, and today’s 90% number – although conducted among a different target group – marks significant increase in just a year. So in other words, while hackers are getting more malicious and creative in their approaches, organizations may be becoming more complacent. Both trends are moving in the wrong direction.”
Most Commented Posts
2020 Cybersecurity Landscape: 100+ Experts’ Predictions
Cyber Security Predictions 2021: Experts’ Responses
Experts’ Responses: Cyber Security Predictions 2023
Celebrating Data Privacy Day – 28th January 2023
Data Privacy Protection Day (Thursday 28th) – Experts Comments
Most Active Commenters
Recent Comments
Chat systems such as Slack and Teams need to be…
“This is a sophisticated phishing scam that will catch out…
“Cybersecurity is increasingly complex, in part, due to the interconnected…
“Unfortunately, time and time again we see NGOs, hospitals and…
As I have always said - it is verified trust…