IT workers have always known that employee negligence was the source of a variety of security issues – from forgotten and misplaced passwords to ignored retention policies and unsecured devices. But how bad has the problem really gotten?
A new report from security firm Netwrix paints a bleak picture of the actual gravity of the situation. Researchers found that IT workers in the government sector overwhelmingly think that employees are actually the biggest threat to cybersecurity. In fact, 100% of respondents said so.
In 2016, over half (57%) of security incidents in government were caused by human error. Beyond that, employees were also the cause of 14% of system downtime in those same situations. What’s more, insider misuse was the source of a security investigation for a whopping 43% of IT professionals.
A dwindling workforce makes it tough for IT professionals to keep up with actual operations procedures, let alone make time for preventative cyber security measures and compliance.
In fact, 75% of IT employees in government reported that rather than their organization having dedicated cyber security personnel on staff (which is becoming more and more necessary with each passing year), an overworked IT team was left to deal with security and employee compliance.
As a result, 57% reported that they didn’t even have enough time to implement stronger security measures while 54% cited too small of a budget. The problem, then, is twofold: not only is there not enough manpower to carry out such compliance measures, but also, there isn’t enough support from senior executives in the endeavor either.