Security Risks of Uneducated Employees

#1: pathetic
Passwords
#6: HOOKING UP WITH
ANOTHER MAN’S WI-FI
#7: A LITTLE
TOO SOCIAL
#5: RECKLESS
ABANDON
OF MALWARE IS KEY LOGGER OR APPLICATION-
SPECIFIC – WHICH OFTEN REQUIRES DETAILED
KNOWLEDGE OF OR PHYSICAL ACCESS TO A TARGETED SYSTEM
26.4%
#2: Peeping
ROM
WORKERS SURVEYED THAT SAY THEY
HAVE BEEN ABLE TO SNEAK A PEEK AT A
CO-WORKER’S OR STRANGER’S WORK
STATION IN THE WORKPLACE OR A
PUBLIC PLACE 71%
ONE IN THREE WORKERS LEAVE
THEIR COMPUTERS LOGGED ON
TO NETWORK RESOURCES AND
UNLOCKED WHEN THEY ARE AWAY
FROM THEIR DESK
USERS TRAINED IN AVOIDING PHISHING AND SCAM EMAILS FELL FOR
THESE MALICIOUS EMAILS 42% LESS THAN THOSE WITHOUT TRAINING
#4: PHISH
BITING
OF IT SECURITY PROS SAY
THEY COME ACROSS PHISHING
MESSAGES THAT GET PAST
SPAM FILTERS
OF IT ORGANIZATIONS
HAVE TOP EXECUTIVES OR
PRIVILEGED USERS WHO
HAVE FALLEN FOR MALICIOUS
EMAIL ATTACKS
69%
27%
OF YOUNG WORKERS THINK CORPORATE
SOCIAL MEDIA POLICIES ARE OUTDATED
OF ENTERPRISES HAVE SEEN AN INCREASE OF MALWARE
INFECTIONS DUE TO EMPLOYEES’ USE OF SOCIAL MEDIA
10+25+68+90
BY 2015, THE NUMBER OF WIFI
HOTSPOT DEPLOYMENTS WILL
INCREASE BY
350%
ONLY 18 PERCENT OF USERS
USE A VPN TOOL WHEN
ACCESSING PUBLIC WI-FI
18%
THE FBI RECENTLY RELEASED AN ALERT TO
TRAVELERS WARNING AGAINST AN UPTICK IN
MALWARE PASSED OFF AS SOFTWARE UPDATES
ON HOTEL INTERNET CONNECTIONS
67%
REGULARLY IGNORE IT POLICIES70%
52%
#3: USB STICK UP
OF USERS REPORT HAVING EXPERIENCED A
VIRUS INFECTION THROUGH A USB DEVICE
OF USERS WHO FIND RANDOM
USB STICKS IN A PARKING LOT WILL
PLUG THEM INTO THEIR COMPUTERS
ADD THE
COMPANY
LOGO,
AND THAT
NUMBER INCREASES TO
60%
35%
90%
Uneducated
Employees
7 deadly sins
AND THEIR
TODAY'S ORGANIZATIONS
EXPERIENCE AN AVERAGE OF
14.4 INCIDENTS/YEAR
OF UNINTENTIONAL DATA LOSS
THROUGH EMPLOYEE NEGLIGENCE
THE TOP CAUSE OF
ORGANIZATIONAL
DATA BREACHES:
"NEGLIGENT INSIDERS"
EMPLOYEES THAT SAY
THEY WERE
EDUCATED
ON SECURITY
POLICIES
BUSINESSES BREACHED THAT DID NOT
HAVE SECURITY POLICIES IN PLACE THAT
INCLUDED
SECURITY
AWARENESS
EDUCATION
PUBLICLY REPORTED
INSIDER BREACHES
THAT ARE EXECUTED
WITH MALICIOUS INTENT
IT PROFESSIONALS THAT REPORT
SECURITY POLICIES ARE COMMUNICATED
TO NEW HIRES
DURING
ORIENTATION
87%
32% 15%
56%
THE MOST COMMON
CORPORATE PASSWORD
IS Password1 BECAUSE IT
JUST BARELY MEETS THE
MINIMUM COMPLEXITY
REQUIREMENTS OF
ACTIVE DIRECTORY FOR
LENGTH, CAPITALIZATION
AND NUMERICAL FIGURES
IN APPROXIMATELY 15% OF
PHYSICAL SECURITY TESTS
PERFORMED AT CLIENT
SITES IN 2011, WRITTEN
PASSWORDS WERE FOUND
ON AND AROUND USER
WORKSTATIONS
15%
OF USERS
DO NOT
PASSWORD
PROTECT
THEIR
SMARTPHONES
OF PEOPLE
WHO FIND LOST
CELL PHONES
RUMMAGE
THROUGH THE
DIGITAL CONTENTS TO LOOK
AT SENSITIVE INFORMATION
89%
70%
SOURCES:
www.darkreading.com/identity-and-access-management/167901114/security/application-security/240005123/study-phishing-messages-elude-filters-frequently-hit-untrained-users.html
http://ecs.arrow.com/suppliers/documents/IDCWhitePaper-InsiderRiskManagement.pdf;www.cisco.com/en/US/solutions/collateral/ns170/ns896/ns895/white_paper_c11-503131.html
www.cisco.com/en/US/solutions/collateral/ns170/ns896/ns895/white_paper_c11-499060.html;www.kaspersky.com/downloads/pdf/kaspersky-lab_ok-consumer-survey-report_eng_final.pdf
www.wi-fi.org/media/press-releases/wi-fi%C2%AE-security-barometer-reveals-large-gap-between-what-users-know-and-what;http://net-security.org/secworld.php?id=12634
http://digitallife.today.msnbc.msn.com/_news/2012/03/08/10595092-exclusive-the-lost-cell-phone-project-and-the-dark-things-it-says-about-us#.T1jKmQSi0sM.email
www.bloomberg.com/news/2011-06-27/human-errors-fuel-hacking-as-test-shows-nothing-prevents-idiocy.html;
www.corpmagazine.com/technology/digital/itemid/9828/pageid/2/how-to-mitigate-insider-threats;
www.bbb.org/blog/2011/08/70-percent-dont-password-protect-their-phones/;
www.wballiance.com/resource-center/wba-industry-report/;
www.chariotsfire.com/thesis/Chapter6.pdf
www.trustwave.com/global-security-report www.trustwave.com

Security Risks of Uneducated Employees

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to Security Risks of Uneducated Employees

Similar to Security Risks of Uneducated Employees (20)

Recently uploaded

Recently uploaded (20)

Security Risks of Uneducated Employees