Many IT staff view themselves as top internal data security risk

Register now

More than one third of IT professionals - 35 percent - see themselves as the biggest internal security risk to networks within their organization, according to new research from Balabit, a provider of privileged access management and log management products.

IT professionals are still struggling to safeguard IT assets against the unpredictability of human behavior, the study said. While human resources and finance departments are the easiest target for social engineering, IT staff pose the biggest insider risk to networks, whether caused by accidental or intentional actions.

This is largely due to IT staff often possessing higher access rights than other users, the report said. This includes access to business-critical data through the IT systems they manage and control, making them a prime target for cyber criminals.

Balabit surveyed 222 attendees at the Forum International de la Cybersécurité in France, RSA Conference, Infosecurity Europe London, and IDC Security Roadshows in CEE earlier this year. Those surveyed included IT executives and security professionals, auditors, CIOs, and CISOs.

From a security analytics perspective, 47 percent of IT professionals considered the time and location of login the most important user data for spotting malicious activity. This was closely followed by private activities using corporate devices (41 percent) and biometrics identification characteristics, such as keystroke analytics (31 percent).

IT professionals are recognizing the importance of capabilities that can detect the growing threat from insiders and compromised privileged accounts, the report noted.

For reprint and licensing requests for this article, click here.