Estimated reading time: 1 minute, 48 seconds

Information-technology security professionals may suffer from an image problem. That’s according to a new report by Thycotic, a cybersecurity vendor.

Thycotic commissioned an independent market researcher to interview 100 IT security “decision makers” at UK public and private organizations with at least 1,000 employees. In interviews last November, 63% of respondents said their security teams are seen internally as naysayers, with some using the phrases “doom mongers” and “necessary evil.” Indeed, 38% said they’re seen as the “policemen.” A small minority (13%) said they feel negativity toward their team and role “all the time.”

What’s more, many of these IT security decision-makers cited either indifferent or negative responses when launching new new security practices. Specifically, 35% said employees believe such policies will interfere with their work, while 39% said employees barely observe the changes. Relatedly, 27% said cybersecurity is a background function that others in the organization fail to notice.

It might be time for companies and public entities to remedy their employees’ lack of cybersecurity awareness. That’s according to the National Cybersecurity Center, a Colorado nonprofit, which has found that most data breaches take place because of human error. Organizations should use this first-quarter hiring season to make a plan for training incoming workers on cybersecurity fundamentals, Jonathan Steenland, the group’s COO, tells ZDNet. A recent accidental leak of confidential information by financial giant BlackRock underscores the risk of human error, as Investment News observes.

Another potential area for mistakes may be simple errors of omission. French aerospace and security multinational Thales Group’s latest annual report on data threats—based on a survey of 1,200 IT and security executives from organizations in nine countries—finds that while 97% of respondents use sensitive data in new digital environments, fewer than 30% used encryption in these environments. That’s despite the many recent high-profile breaches.

Organizations that invest in privacy measures may find that it pays off. According to Cisco’s latest annual survey of 3,200 security pros in 18 countries, getting ready for the European Union’s General Data Protection Regulation seemed to mitigate the effect of data breaches. The survey found that just 37% of the GDPR-ready companies had data breaches costing more than $500,000, versus 64% of the least GDPR-ready companies.

Read 290 times
Rate this item
(0 votes)

Visit other PMG Sites:

PMG360 is committed to protecting the privacy of the personal data we collect from our subscribers/agents/customers/exhibitors and sponsors. On May 25th, the European's GDPR policy will be enforced. Nothing is changing about your current settings or how your information is processed, however, we have made a few changes. We have updated our Privacy Policy and Cookie Policy to make it easier for you to understand what information we collect, how and why we collect it.
Ok Decline