New Research Reveals a Dramatic Disconnect in Data Security Within Organizations

IT and Employees Have Opposing Views on the Safety of Sensitive Information

Posted on November 6, 2015

Theale, UK and Mount Laurel, N.J. – November 6, 2015 – Clearswift, a global cyber security innovator and data loss prevention specialist, today released new information that underscores the need for educating employees about security. The results show a dramatic disconnect between employees and IT within an organization with 73 percent of U.S. employees believing their company provides sufficient training on how to protect sensitive information, while 72 percent of IT professional believe that employers are not doing enough to educate employees. This research underscores the need for more collaboration between the Executive team, IT, HR and other employees within an organization to ensure the safety of sensitive information and intellectual property (IP).

"Most employees are not acting maliciously, but their carelessness can be just as damaging,” said Heath Davies, CEO at Clearswift. “Companies need to wake up to the fact that employees have the potential to cause the company huge damage through their actions, and ensure that training, policies and technology are in place to minimize that risk. Those sitting on the board need to sit up and pay attention; critical information needs to be governed at the highest levels or it could jeopardize the future of a company."

Other key findings from the study include:

  • 62 percent of businesses worldwide think their employees don’t care enough about the implications of a security breach to change their behavior 
  • 57 percent say they need to make employees care more about the ramifications of a breach, explain the risks and talk about cases in the media
  • 10 percent of employees have lost a device containing sensitive business information
  • 12 percent have used Shadow IT without authorization
  • 37 percent of respondents say they have access to information that is above their position in the company
  • 45 percent of U.S. employees recognize that IP could damage their company if leaked.

Intellectual property can include new code for software products, trade secrets, designs or strategic plans, and can be very costly to lose if it is not yet protected by patents. 56 percent of employees in the U.S. have access to IP at work. Should information like this become exposed, other companies could use it to generate similar products, reducing the competitive advantage of the original developer. Less than half of U.S. employees recognize that IP could damage their company if leaked, and therefore it is unlikely they are taking the appropriate precautions to protect it.

“The value of a company’s IP is frequently misunderstood. First off, IP comes in many guises and it’s essential for organizations to recognize ‘what’ their IP is; where it exists and who has access to it,” continued Davies. “IP is often a company’s most prized possession, if it were to fall into a competitor’s hands, or even unauthorized hands, it could cause immense financial damage to a company, or as in the case of the recent attempted US naval espionage charge, potentially result in dire effects. It is incredible that so many survey respondents say they have access to such information, yet so few seem to realize its value.”

The results of this study by third-party research firm, Loudhouse, demonstrate the need for security within an organization to be implemented across the board, and from the first day any new hire is brought on. Executives must make security a top priority in order to avoid mistakes that can lead to the loss of valuable data, costing the company money. Improperly trained staff are at risk of clicking on phishing links that invite attackers in, or inadvertently sending out information hidden within documents and metadata.

The rise of Shadow IT and shift to hosted environments through cloud applications like DropBox, Google Drive or Box, in addition to the proliferation of new communications tools in the form of social media and personal devices, also makes it even more important than ever to put a companywide emphasis on security, starting with the Executive team. These applications that help workers be more productive, come with inherent risks that every user in an organization needs to be aware of. Only through proper training, education and clear direction from the company’s leadership will organizations be able to repair the disconnect between IT and employees to ensure that their valuable information is sufficiently protected.

Additional information:

Notes to editors

This data was taken from research conducted by technology research firm Loudhouse on behalf of Clearswift. Over 500 IT Decision makers and 4000 employees were polled to gauge the level of threat from insiders.

About Clearswift

Clearswift’s content-aware, policy based solutions enables defense, government, healthcare and financial services organizations across the globe to manage and maintain no-compromise data, email, cloud and web security.

US
MRB Public Relations
+1 732 758 1100
[email protected]

EMEA 
C8 Consulting
+44 118 334 0220
[email protected]

Recent News
January 12, 2023

In this IT Security Wire article, cybersecurity experts Eric George and Tom Gorup share their 2023 cybersecurity predictions.

September 2, 2022

MINNEAPOLIS (September 1, 2022)—Fortra announced today the acquisition of Outflank, a well-regarded IT security leader with de

July 21, 2022

Fortra employee, Ciaran Rafferty shares his thoughts on everything from cybersecurity trends to the future of email security in this interview with Intelligent CIO. 

April 12, 2022

MINNEAPOLIS —April 8, 2022—Fortra announced today the acquisition of Terranova Security, a leader in global phishing simulation and security awareness t

March 9, 2022

Managed detection and response (MDR) forms new cornerstone of Fortra's cybersecurity portfolio