IT pros would chuck security controls to win business

Balabit, a leading provider of contextual security technologies, today unveiled the results of its pan-European survey into the current state of IT security.

The survey looked at how organisations balance IT security and business flexibility; whether they choose to be more secure by implementing additional controls that might hinder productivity or prefer to have flexible business operations. It also looked at how a promising business opportunity changes the game.

Balabit asked 381 IT executives, CIO’s, CISO’s, auditors and other IT professionals including, but not limited to, the UK, France and Germany, about their thoughts on IT security and business flexibility. When asked about their preference if they need to choose between IT security and business flexibility, 71 per cent of respondents said that security should be equally or more important than business flexibility.

The same people were asked if they would take the risk of a potential security threat in order to achieve the biggest deal of their life. In this situation security just goes out of the window with 69 per cent of respondents saying they would take the risk, while only 31 per cent said they would not.

“These results show that organisations have a long way to go to balance security and business” said Zoltán Györk, CEO at Balabit. “They demonstrate that while security overload may be tolerated during normal business, when it comes to big deals the respondents would not hesitate to bypass security to win business. It is important that this is recognised as an issue and dealt with accordingly.”

In order to provide a healthy balance of IT security and business flexibility in practice, organisations require IT security solutions that do not impose onerous processes on users. When processes are bypassed by an insider, or indeed by someone that has gained fraudulent insider access, there is an escalated risk of privileged account misuse.

According to the latest Ponemon Institute Research criminal insiders cause the most data breaches. Because insider misuse cannot be spotted by existing control based security tools, a different approach is required.

“The survey shows that security strategies must take into account human behaviour” continued Györk, CEO. ”Today’s static control solutions can only go so far. Security teams must have visibility of the context of user actions to be able to respond effectively, and any additional tools must be transparent to the business workflow. We believe that a monitoring based approach that enables companies to respond to suspicious activities in real time can make IT security more business friendly; that is why we developed our Contextual Security Intelligence Suite.”

The post Survey Reveals 69% of Users Would Bypass Security Controls to Win Business appeared first on IT SECURITY GURU.

Image Credit: Manczurov / Shutterstock