17 per cent of IT managers admit to hacking

Absolute® Software has published the results of a research report the company conducted among IT managers and decision makers in the United Kingdom. The report provides insight into the attitudes, behaviour, and confidence levels of IT departments when it comes to the security of their organisations.

  • Monday, 22nd February 2016 Posted 8 years ago in by Phil Alsop
The report revealed that a high percentage of IT personnel admitted to not following the same security protocols they are expected to enforce. Of those surveyed, 17% of respondents admitted to successfully hacking their own or another organisation. The report also showed that 28% admitted to knowingly circumventing their own security policies.
 
“Given that IT is the security gatekeeper for an organisation, it was alarming to see such high incidents of non-compliant behaviour by IT personnel,” said Stephen Midgley, vice president, Global Marketing, Absolute. “Even if these actions are being performed to validate existing infrastructure, senior leadership should be aware that this activity is occurring. It may also be worthwhile to consider third-party audits to ensure adherence with corporate security policies.”
 
The report found that security remains at the top of the IT spending list, with 73% of respondents expecting increased investment in security this year. Despite prioritizing security and increasing budgets, IT managers believe that employees or insiders represent the greatest security risk to an organisation (50%). This may be related to the fact that on average, 36% of all security protocols are not being followed by staff. It may also explain the high number of security breaches, with 30% of respondents experiencing a data breach within the past year.
 
IT decision makers also bear the brunt of responsibility. Of those surveyed, 66% believe IT managers are primarily responsible for the organisation’s security. The report also showed that 58% of IT decision makers believe they would likely lose their job in the event of a security breach.
 
"Despite marked improvements, businesses are still very susceptible to attack,” added Midgley. “The gaps in current data breach response plans and in upholding general best practice policies must be addressed.”
 
The age of the IT respondents also impacted the results, with younger professionals demonstrating a more optimistic and confident outlook for IT security.
 
Younger Professionals Demonstrate More Cavalier Behaviour
·         Most likely to hack their own organisation: IT professionals aged 18-44 (21%), IT professionals 45+ (6%)
·         Most confident in containing a data breach: IT professionals aged 18-44 (87%), IT professional 45+ (85%)
·         Most comfortable with staffing levels in order to provide effective IT and data security: IT professionals aged 18-44 (82%), IT professionals 45+ (69%)