Employees Are the Biggest Security Risk
Although a steady stream of news reports chronicles the activities of hackers, attackers, state actors and cyber-criminals who break into systems and steal or damage data, the greatest risk actually resides within an organization. A recently released Ponemon Institute and Fasoo study, "Risky Business: How Company Insiders Put High-Value Information at Risk," points out that the vast majority of organizations' executives are not confident in their ability to manage and control employee access to confidential documents and files. "What should be concerning to C-level executives and corporate boards is that most organizations have no idea where mission-critical information is located on the corporate network, who has access and what they are doing with that information," stated Bill Blake, president of security solutions firm Fasoo. Ponemon Institute surveyed 637 U.S. IT security practitioners familiar with their organization's approach to protecting data, documents and files against cyber-attacks. Some of the key findings are included here.