At a time when ransomware and other attack methods that exploit insider negligence are becoming rampant, only 39 percent of end users think they take all appropriate actions to protect corporate data accessed and used in the course of their jobs, according to a new survey by the Ponemon Institute.

The survey of 1,371 end users and 1,656 IT and IT security professionals across the U.S. and Europe was conducted in April and May 2016 by Ponemon Institute, with sponsorship from security software provider Varonis Systems. It showed that 52 percent of IT respondents think policies against the misuse or unauthorized access to company data are being enforced and followed. But only 35% of end users say their organizations strictly enforce those policies.

Among the other key findings were that 61 percent of respondents who work in IT or security roles view the protection of critical company information as a very high or high priority. In contrast, only 38 percent of respondents who are considered end users think it is a very high or high priority.

Asked about their organization’s attitude on productivity vs. security, 38 percent of IT practitioners and 48 percent of end users say their organizations would accept more risk to the security of their corporate data in order to maintain productivity.

"At a time when one would expect general improvement in end-user hygiene due to increased awareness of cyber attacks and security breaches, this survey instead found an alarming decline in both practices and attitudes,” said Larry Ponemon, chairman and founder of Ponemon Institute.

Register or login for access to this item and much more

All Information Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access