Feeds

One third of workers open to bribes for data theft

Who wants to be a millionaire?

The Essential Guide to IT Transformation

A somewhat self-serving survey ahead of an information security trade show in London next week reveals a third of workers can potentially be bribed into handing over company data.

A poll of 600 workers at busy London railway stations found more than a third (37 per cent), admitted that they would hand over their organisation's most sensitive data for inducements ranging up to a million pounds. Respondents were asked what it would take to persuade them to download and hand over sensitive company information to a stranger, with suggested incentives ranging from a "slap up meal" to offers of over ten million pounds.

Such disloyalty wasn't easily purchased, with two-thirds of those with flexible ethics saying they'd only engage in a spot of industrial espionage for at least one million pounds, although 10 per cent would do it if their mortgage was paid off.

Around one in twenty of the sample would do it for modest inducements of a holiday, getting rid of credit card debt or a new job, respectively. One in 50 told researchers running the poll that they'd be willing to hand over their company’s crown jewels in exchange for a slap up meal.

When the requested information changed to credit card details or security codes, then employees became harder to bribe, with 80 per cent refusing to hand over the data at any price.

Workers quizzed had access to a range of information ranging from customer data bases (83per cent) to business plans (72 per cent), accounting systems (53 per cent), and IT admin passwords (37 per cent).

Two thirds (68 per cent) of employees reckon it would be easy to sneak data out of their organisation. One third felt less loyalty to the organisation they worked for against five per cent who felt more loyalty, compared to a year ago.

In previous years, Infosecurity surveys have concentrated on what little inducement workers need to hand over their passwords (biros, choccy bars, take your pick). This year around the show organisers have upped the ante, with a pitch calculated to push the message that in an uncertain economy, firms should be more wary of their workers.

The argument is that firms should install Data Leak Protection technology, undoubtedly music to the ears of Infosec's exhibitors.

It's conventional wisdom that corrupt insiders - rather than hackers - pose the greatest security threat, but a recent survey by Verizon Business, which looked at real incidents of data breaches, found the opposite. The Verizon survey is well worth thinking about before placing too much weight on what people are apt to say at train stations. ®

Build a business case: developing custom apps

More from The Register

next story
14 antivirus apps found to have security problems
Vendors just don't care, says researcher, after finding basic boo-boos in security software
'Things' on the Internet-of-things have 25 vulnerabilities apiece
Leaking sprinklers, overheated thermostats and picked locks all online
Only '3% of web servers in top corps' fully fixed after Heartbleed snafu
Just slapping a patched OpenSSL on a machine ain't going to cut it, we're told
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Secure microkernel that uses maths to be 'bug free' goes open source
Hacker-repelling, drone-protecting code will soon be yours to tweak as you see fit
Israel's Iron Dome missile tech stolen by Chinese hackers
Corporate raiders Comment Crew fingered for attacks
Roll out the welcome mat to hackers and crackers
Security chap pens guide to bug bounty programs that won't fail like Yahoo!'s
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
Researcher sat on critical IE bugs for THREE YEARS
VUPEN waited for Pwn2Own cash while IE's sandbox leaked
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.