Feeds

One third of workers open to bribes for data theft

Who wants to be a millionaire?

Top 5 reasons to deploy VMware with Tegile

A somewhat self-serving survey ahead of an information security trade show in London next week reveals a third of workers can potentially be bribed into handing over company data.

A poll of 600 workers at busy London railway stations found more than a third (37 per cent), admitted that they would hand over their organisation's most sensitive data for inducements ranging up to a million pounds. Respondents were asked what it would take to persuade them to download and hand over sensitive company information to a stranger, with suggested incentives ranging from a "slap up meal" to offers of over ten million pounds.

Such disloyalty wasn't easily purchased, with two-thirds of those with flexible ethics saying they'd only engage in a spot of industrial espionage for at least one million pounds, although 10 per cent would do it if their mortgage was paid off.

Around one in twenty of the sample would do it for modest inducements of a holiday, getting rid of credit card debt or a new job, respectively. One in 50 told researchers running the poll that they'd be willing to hand over their company’s crown jewels in exchange for a slap up meal.

When the requested information changed to credit card details or security codes, then employees became harder to bribe, with 80 per cent refusing to hand over the data at any price.

Workers quizzed had access to a range of information ranging from customer data bases (83per cent) to business plans (72 per cent), accounting systems (53 per cent), and IT admin passwords (37 per cent).

Two thirds (68 per cent) of employees reckon it would be easy to sneak data out of their organisation. One third felt less loyalty to the organisation they worked for against five per cent who felt more loyalty, compared to a year ago.

In previous years, Infosecurity surveys have concentrated on what little inducement workers need to hand over their passwords (biros, choccy bars, take your pick). This year around the show organisers have upped the ante, with a pitch calculated to push the message that in an uncertain economy, firms should be more wary of their workers.

The argument is that firms should install Data Leak Protection technology, undoubtedly music to the ears of Infosec's exhibitors.

It's conventional wisdom that corrupt insiders - rather than hackers - pose the greatest security threat, but a recent survey by Verizon Business, which looked at real incidents of data breaches, found the opposite. The Verizon survey is well worth thinking about before placing too much weight on what people are apt to say at train stations. ®

Security for virtualized datacentres

More from The Register

next story
'Kim Kardashian snaps naked selfies with a BLACKBERRY'. *Twitterati gasps*
More alleged private, nude celeb pics appear online
Home Depot ignored staff warnings of security fail laundry list
'Just use cash', former security staffer warns friends
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
UK.gov lobs another fistful of change at SME infosec nightmares
Senior Lib Dem in 'trying to be relevant' shocker. It's only taxpayers' money, after all
Who.is does the Harlem Shake
Blame it on LOLing XSS terroristas
Snowden, Dotcom, throw bombs into NZ election campaign
Claim of tapped undersea cable refuted by Kiwi PM as Kim claims extradition plot
Freenode IRC users told to change passwords after securo-breach
Miscreants probably got in, you guys know the drill by now
THREE QUARTERS of Android mobes open to web page spy bug
Metasploit module gobbles KitKat SOP slop
BitTorrent's peer-to-peer chat app Bleep goes live as public alpha
A good day for privacy as invisble.im also reveals its approach to untraceable chats
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.