Cyber security professionals ‘admit to paying ransom’

Bromium, the virtualisation-based enterprise security company that stops advanced malware attacks, today released new research conducted at the RSA Conference (RSAC) 2017 that found security professionals admit to knowingly circumventing security protocols and hiding discovered breaches. The survey findings were so surprising that Bromium surveyed a subsequent group of security professionals in the US and UK, and the results were consistent.

On average, 10% of security professionals admitted to paying a ransom or hiding a breach without alerting their team (5% at RSA, 15% in extended study). For context, there were 638 million ransomware attacks in 2016, suggesting that tens of millions of these attacks are potentially not being disclosed.


On average, 35% of security professionals admitted to going around, turning off or bypassing their corporate security settings (38% at RSA, 32% in extended study of US and UK professionals).

“While we expect employees to find workarounds to corporate security, we don’t expect it from the very people overseeing the operation,” said Simon Crosby, co-founder and CTO of Bromium.

“Security professionals go to great lengths to protect their companies, but to learn that their decisions don’t protect the business is frankly rather shocking. To find from their own admission that security pros have actually paid ransoms or hidden breaches speaks to the human-factor in cyber security. It’s one reason we pursued virtualisation-based security: it takes the burden off the end-user and ensures IT and security teams protect their business assets and data.”


When it comes to cyber security, there are really two ways to make it happen: top down, with typically strict limits on end-user behaviour, or distributed control with more end-user involvement.

In the first case, employees are limited in what they can do, which can hinder business innovation. In the latter case, employees can choose to turn off security and put the business at tremendous risk. Either way, it’s a lose-lose situation when considered through the enterprise security lens.

“With application isolation and hardware-enforced containment, I don’t have to worry about what people click on. They are free to click on anything because applications, files and web browsing sessions are isolated and therefore protected. And when they’re done with the task, if they were exposed to malware or ransomware, it goes away and they go about their day,” explained Paul Hershberger, director, IT global security and compliance, Risk and Compliance at The Mosaic Company.


Nick Ismail

Nick Ismail is a former editor for Information Age (from 2018 to 2022) before moving on to become Global Head of Brand Journalism at HCLTech. He has a particular interest in smart technologies, AI and...