1 in 6 IT pros admit to hacking – and 28% knowingly circumvent security policies

New research paints a telling picture of the current state of IT security within UK organisations

One in six IT managers admit they have hacked their own or another organisation, according to new research.

In a study of 513 UK IT and infosecurity directors and managers, 28% admitted to knowingly circumventing their own security policies.

The report, by Absolute Software, found that security remains at the top of the IT spending list, with 73% of respondents expecting increased investment in security this year.

But despite prioritising security and increasing budgets, half of the respondents said employees or insiders represent the greatest security risk to an organisation.

This may be related to the fact that, on average, 36% of all security protocols are not being followed by staff, according to the survey.

It may also explain the high number of security breaches, with 30% of respondents experiencing a data breach within the past year.

IT decision makers bear the brunt of responsibility. Of those surveyed, 66% said IT managers are primarily responsible for the organisation’s security.

The report also showed that 58% of IT decision makers believe they would likely lose their job in the event of a security breach.

The age of the respondents impacted the results, with younger professionals demonstrating a more optimistic and confident outlook for IT security.

More than a fifth of the surveyed IT pros aged between 18 and 44 admitted to hacking their own organisation, compared to 6% of over-45s.

“Given that IT is the security gatekeeper for an organisation, it was alarming to see such high incidents of non-compliant behaviour by IT personnel,” said Stephen Midgley, VP of global marketing at Absolute Software. “Even if these actions are being performed to validate existing infrastructure, senior leadership should be aware that this activity is occurring.

“Despite marked improvements, businesses are still very susceptible to attack. The gaps in current data breach response plans and in upholding general best practice policies must be addressed.”