infoTECH Feature

August 31, 2016

Ransomware Attacks Climb as Employee Security Slips

It doesn't take a lot of study in the cyber security field to know that there's been a lot more in the way of ransomware attacks lately, and that puts every company out there—not to mention individuals—that much more at risk. While it would be easy in turn to think that heightened vigilance is the response to such circumstances, a new report from the Ponemon Institute (News - Alert) sponsored by Varonis is revealing the exact opposite, making for a perfect storm in progress.

The report revealed that just 39 percent of end users believe that they have done all they can to protect the company data that's a part of everyday operations, and that's down from 2014's count of 56 percent. That wasn't the only matter, either; 52 percent of IT employees believe that policies targeting misuse or otherwise unauthorized access to data are being followed and enforced, but just over a third—35 percent—of end users agree. Additionally, while 61 percent of IT employees say protecting information is a “very high” or “high” priority, end users believe so less often, with just 38 percent believing likewise. A fairly large number believe that productivity is more important than security, with 38 percent of IT staff and 48 percent of end users believing that to be the case. Perceptions about senior executives are likewise unclear, with 53 percent of IT staff and 35 percent of end users believing the C-suite considers company data protection a high priority item.

This study dovetails well with a previous study noting how there's not only an increase in data loss or theft, but also an increase in the number of employees who can access that data, as well as an increase in the number of employees believing that the biggest problem in protecting data is sheer insider negligence.

Of course, it's also important to look at the two sectors involved. It's reasonable to say IT staffers will answer this way more often, as this is directly related to the job. End users, meanwhile, have a whole lot more on their collective plate, and may well be delegating this task to the IT staff. Look at the disparity between productivity and security; the end users may well be thinking that their jobs are dependent on productivity, while the IT staffers are on the line for security. This comes under a bit of fire when noting that “negligent insiders” are considered the most likely cause of data breach on both sides but then, which “insiders” are these groups looking at?

This disconnect isn't surprising. A shaky economic picture has employees of all stripes frantic to cover themselves, and end users aren't likely to be worried about IT's problems, and vice versa. A change in corporate culture may help on this front...but is anyone willing to break the status quo and protect jobs for the sake of protecting data?




Edited by Alicia Young
FOLLOW US

Subscribe to InfoTECH Spotlight eNews

InfoTECH Spotlight eNews delivers the latest news impacting technology in the IT industry each week. Sign up to receive FREE breaking news today!
FREE eNewsletter

infoTECH Whitepapers