Employees are the biggest security threat, most businesses believe

More than 50% of businesses consider their own employees to be the greatest IT security threat, according to a new survey by IT Governance.

The survey found that 54% of respondents believe that insiders are the biggest threat, compared to 27% who fear criminals the most, 12% state-sponsored cyber attacks and 8% competitors.

Despite this, a quarter or respondents said their business had received a "concerted cyber-attack" in the past 12 months.

The true number could be higher, IT Governance remarked, as 21% of respondents said they do not know whether or not they suffered such an attack.

The UK government, among many others, has made a concerted effort to make IT security a board-level issue. IT Governance's survey suggests that there is some board level recognition of IT security, but that there is room for improvement.

The majority of respondents (58%) said their organisation gives the board of directors "regular" report on the state of its IT security. That is an encouraging figure, but for 35% of those companies that provide reports, they are filed "less than annually".

Only 30% of respondents said that an understanding of IT security is a pre-requisite for a position on the board.

Other findings from IT Governance's survey include the fact that 50% of respondents said customers had enquired about their IT security measures in the past 12 months, and that 26% have lost sleep because of worries about IT security.

IT Governance surveyed 260 respondents, mostly business and IT executives from businesses in the UK and US.

Pete Swabey

Pete Swabey

Pete was Editor of Information Age and head of technology research for Vitesse Media plc from 2005 to 2013, before moving on to be Senior Editor and then Editorial Director at The Economist Intelligence...

Related Topics

Cyber Attack