IT security: the growing risk posed by former employees |
24.02.2010
| from PwC Zürich
24.02.2010, The risk of dissatisfied former employees taking their revenge is a growing challenge for companies worldwide that is compounded by insufficient budgets and resources for IT security. The number of cases of data theft are also on the increase, and many companies are looking to protect themselves with the relevant technology. This was one of the results of the twelfth “Ernst & Young Global Information Security Survey” conducted among 1,900 managers in companies across more than 60 countries.
Three quarters of managers in companies across the world are fearful of former employees taking vengeful action. 42 per cent are taking a thorough look at the potential risks posed by former employees and 26 per cent are taking proactive measures to protect themselves. In Switzerland, only 17 per cent of companies consider the risk to be very high and have proactively introduced countermeasures. 34 per cent are currently evaluating the potential risks with a view to making a decision about the appropriate countermeasures.
Ralph Holbein, IT Risk Management Partner at Ernst & Young Switzerland, says: "Because of the ongoing recession, some former, dissatisfied employees are developing resentment toward their past employers. Former employers' IT systems have become a primary target and the number of cases of data theft is also increasing. It is therefore important that companies conduct specific risk assessments to identify risk potential and take appropriate measures."
Budgets for information security too low Approximately half of the survey respondents consider the allocation of adequate budgets for information security to be a major challenge. Only 6 per cent of all respondents in Switzerland said that this represented no challenge for them. 40 per cent of respondents intend to increase their annual budget for IT security; 52 per cent do not foresee any changes.
Majority of laptops worldwide insufficiently protected Only 41 per cent of respondents worldwide said that they encrypt data on laptops and only 17 per cent plan to encrypt the data in the coming year. This result comes despite the increasing number of known cases of unauthorized access due to loss or theft. In Switzerland, however, 80 per cent of respondents encrypt the data on their laptops and 16 per cent plan an encryption process within the next 12 months.
Ralph Holbein comments: "Since more and more companies want to keep up with the increasing risk potential after having waited for a long time, the necessary investment in information security is much higher. For IT managers this means increasing efficiency and effectiveness while keeping spending to a minimum."
Technology in use for information security More high-profile cases of violation of data protection laws have helped put data protection at the top of the agenda for many managers in information security. Implementing or improving Data Leakage Prevention technology (DLP) ranks among the top three priorities for 40 per cent of respondents worldwide. In Switzerland, around 45 per cent of companies intend to invest more in DLP technology. DLP combines different measures and processes in order to identify and monitor threats and to protect sensitive data and information against theft.
Regulation an important driver of IT security Ensuring compliance with legal requirements has been a top priority for a number of years for many of the respondents worldwide. Fifty-five percent indicate that compliance requirements were the cause of a moderate to significant increase in their information security costs. In Switzerland, 90 per cent of companies expect the same cost levels as last year; only 7 per cent aim to reduce their spending in this area in the coming 12 months.
Ralph Holbein is convinced: "Regulations imposed by governments and industrial associations have significantly raised awareness of the need for a structured approach to information security within companies. It is good that the compliance requirements are having a positive effect on security guidelines and procedures in many companies. However, some companies still view compliance requirements as a by-product and not as an important driver of information security."
--- END press release IT security: the growing risk posed by former employees ---
Ralph Holbein, IT Risk Management Partner at Ernst & Young Switzerland, says: "Because of the ongoing recession, some former, dissatisfied employees are developing resentment toward their past employers. Former employers' IT systems have become a primary target and the number of cases of data theft is also increasing. It is therefore important that companies conduct specific risk assessments to identify risk potential and take appropriate measures."
Budgets for information security too low Approximately half of the survey respondents consider the allocation of adequate budgets for information security to be a major challenge. Only 6 per cent of all respondents in Switzerland said that this represented no challenge for them. 40 per cent of respondents intend to increase their annual budget for IT security; 52 per cent do not foresee any changes.
Majority of laptops worldwide insufficiently protected Only 41 per cent of respondents worldwide said that they encrypt data on laptops and only 17 per cent plan to encrypt the data in the coming year. This result comes despite the increasing number of known cases of unauthorized access due to loss or theft. In Switzerland, however, 80 per cent of respondents encrypt the data on their laptops and 16 per cent plan an encryption process within the next 12 months.
Ralph Holbein comments: "Since more and more companies want to keep up with the increasing risk potential after having waited for a long time, the necessary investment in information security is much higher. For IT managers this means increasing efficiency and effectiveness while keeping spending to a minimum."
Technology in use for information security More high-profile cases of violation of data protection laws have helped put data protection at the top of the agenda for many managers in information security. Implementing or improving Data Leakage Prevention technology (DLP) ranks among the top three priorities for 40 per cent of respondents worldwide. In Switzerland, around 45 per cent of companies intend to invest more in DLP technology. DLP combines different measures and processes in order to identify and monitor threats and to protect sensitive data and information against theft.
Regulation an important driver of IT security Ensuring compliance with legal requirements has been a top priority for a number of years for many of the respondents worldwide. Fifty-five percent indicate that compliance requirements were the cause of a moderate to significant increase in their information security costs. In Switzerland, 90 per cent of companies expect the same cost levels as last year; only 7 per cent aim to reduce their spending in this area in the coming 12 months.
Ralph Holbein is convinced: "Regulations imposed by governments and industrial associations have significantly raised awareness of the need for a structured approach to information security within companies. It is good that the compliance requirements are having a positive effect on security guidelines and procedures in many companies. However, some companies still view compliance requirements as a by-product and not as an important driver of information security."
--- END press release IT security: the growing risk posed by former employees ---
More information and links:
PwC Zürich
(company entry)
Official news partner:
TOP NEWS - powered by Help.ch
Clariant Oil Services recognized by Petrobras with Best Suppliers Award for Chemical Products Clariant Produkte (Schweiz) AG, 05.11.2025
Apple reports fourth quarter results Apple Inc., 03.11.2025
GAS&COM and Anapaya partner to power the SSUN Anapaya Systems AG, 22.10.2025
