UK IT Managers Increasingly Aware of Insider Access Threats but Uncertain if Risks Can Be Spotted

UK CISOs and IT Managers feel isolated and fearful of losing jobs as data breach wave rolls in, suggests new survey

WESTBOROUGH, Mass. and LONDON, UK, June 24th 2014 – Chief Information Security Officers (CISOs) and IT managers may be too confident in their capabilities to ensure their organisations security and defences against a data breach, suggests new UK research commissioned by Courion and conducted by OnePoll.

A majority (63%) of IT security managers believe it is ‘easy’ to govern staff access rights and privileges, despite the fact that 42% admitted they either do not have or are unsure of their ability to monitor and prevent breaches caused by accidental or deliberate staff actions. This overconfidence in the face of an apparent lack of expertise is concerning, given that 1 in 4 of the respondents cited staff failure to follow access policies as the greatest threat to their organization’s data security, just slightly ahead of professional hackers.

The survey also confirmed the pressures IT managers and CISOs face in managing data security, with 45% saying their organisation had suffered a data breach. Any confidence they may exhibit masks fears over job losses (42%), severe reprimands (41%) and demotion (34%) if their organisation suffered a data breach.

And it seems UK IT security executives are looking for help from within the organisation, with mixed results. 43% of respondents feel they could have better relations with human resources in managing staff access rights and a majority (59%) don’t feel confident or are unsure they get enough help to make dealing with insider threats easier.

In fact, a recent separate Courion study into staff attitudes to IT security suggests staff can be ambivalent about how they use their access rights – for example, 39% share work login details with colleagues and 1 in 5 of UK professionals would snoop on sensitive personal data if they have access to it.

Courion CEO Chris Zannetos commented, “Like elsewhere, UK CISOs and IT managers are under immense pressure to prevent data breaches. What’s striking is many are finding it difficult to get the support needed to appropriately address insider threats. IT infrastructures have become increasingly complex as the access needs of users constantly change. This makes it challenging for CISOs and IT managers to understand, and as a result effectively communicate, exactly where business risk lies.

“We recognise the need to help our customers in their efforts to convey critical access-related risk in business terms. Our new service offering, the Access Risk Assessment, gives them the insight they need to begin to proactively identify and eliminate risk,” he added.

The survey polled 100 senior IT security professionals including CISOs in companies with more than 500 employees.

About Courion
Courion is the market leader in Identity and Access Management (IAM), from provisioning to governance to Identity and Access Intelligence (IAI). Many of the world’s largest enterprises and organizations rely on Courion’s solutions to confidently provide open and compliant access to thousands of employees while protecting critical company data and assets from unauthorized access. Courion has offices and operations in the USA, Europe, Middle East and Asia. To learn more about how you can add intelligent identity and access management solutions to your security controls, contact 866.Courion or info@courion.com.

For more information about Courion, please visit:

Website: http://www.courion.com/
Twitter: twitter.com/courion
LinkedIn: linkedin.com/Courion-Corporation
Blog: http://blog.courion.com/

Courion is a registered trademark of Courion Corporation. All rights reserved. All other company and product names may be trademarks of their respective owners.

Media contacts:
Daniel Couzens & Diana Kurteva
onechocolate communications
E: Courion@onechocolatecomms.co.uk
T: +44 (0) 207 437 0227

Source: RealWire