BreachExchange mailing list archives
69% of users would avoid security controls to make big business deals
From: Jake <jake () riskbasedsecurity com>
Date: Fri, 20 Nov 2015 14:01:12 -0500
http://www.scmagazineuk.com/69-of-users-would-avoid-security-controls-to-make-big-business-deals/article/454996/ Some 69 percent of users would bypass security controls so they could win business. However, 71 percent feel that security should have equivalent or even more important business flexibility. The findings come from a pan-European survey conducted by Balabit which questioned 381 IT executives, CIOs, CISOs, auditors and other IT professionals from the UK, France, Germany and others in regard to their thoughts on IT security and business flexibility. The respondents were asked if they would take the risk of a potential security threat to make the biggest deal of their life. Almost 70 percent said that they would take the risk. Organisations enforce the use of IT security solutions that don't dictate difficult processes on users for a healthy balance of IT security and business flexibility. There is an increased risk of account misuse when an insider or someone that has gained false access avoids processes. “These results show that organisations have a long way to go to balance security and business,” said Zoltán Györkő, CEO at Balabit. They demonstrate that while security overload may be tolerated during normal business, when it comes to big deals the respondents would not hesitate to bypass security to win business. It is important that this is recognised as an issue and dealt with accordingly. Security teams must have visibility of the context of user actions to be able to respond effectively, and any additional tools must be transparent to the business workflow.” _______________________________________________ Dataloss Mailing List (dataloss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss For inquiries regarding use or licensing of data, e-mail sales () riskbasedsecurity com Supporters: Risk Based Security (http://www.riskbasedsecurity.com/) YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus on the right security. If you need security help or want to provide real risk reduction for your clients contact us!
Current thread:
- 69% of users would avoid security controls to make big business deals Jake (Nov 23)