A study reports that 88% of IT staff would steal data if fired – Give me a break!

A study reports that 88% of IT staff would steal data if fired – Give me a break!

The “study”, conducted by Cyber-Ark, surveyed 300 network administrators that were attending a security conference, a little ironic if you think about it, and found that 88% of network administrators admitted that they would steal highly confidential information if terminated.

According to Cyber-Ark’s homepage, “Cyber-Ark is the leader in securing and managing privileged identities and highly sensitive information.” I have a hard time believing corporate funded and executed research studies. These types of “studies” are rarely conducted in a sufficiently controlled and properly sampled environment. The questions are often very leading so the results are predictable and very biased. These should be called what they are…marketing materials.

I do not take issue with all sponsored research.  If this study, or any study, was conducted by a well-regarded research firm, I would than consider the information credible.

A study conducted by security company Cyber-Ark indicates that a significant number of corporate IT personnel snoop sensitive data, and nearly 9 out of 10 would take company secrets and remote access credentials with them if they were fired. This could pose a serious security risk for many companies and expose them to industrial espionage and other dangers.

What is the net effect of these headlines? More distrust between staff and the IT department. IT needs to work with everyone, but if employees do not trust IT, then nothing good will be accomplished. This disinformation causes unneeded walls to be built inside businesses and keep departments from trusting one another.

If 88% of IT staff are untrustworthy, then IT would have massive governance problems, and I just do not see that occurring in the market. Data breaches do happen, too often, but nowhere to this level. IT should be monitored, just like any other department, and companies need to implement solid security plans that include segregation of duties and effective monitoring.

To the vendors of the world: Please stop pushing hype, that preys on the fears of people, as real research, just so you can sell your products.

A few more headlines:

Leave a Reply