Feeds

One third of workers open to bribes for data theft

Who wants to be a millionaire?

The essential guide to IT transformation

A somewhat self-serving survey ahead of an information security trade show in London next week reveals a third of workers can potentially be bribed into handing over company data.

A poll of 600 workers at busy London railway stations found more than a third (37 per cent), admitted that they would hand over their organisation's most sensitive data for inducements ranging up to a million pounds. Respondents were asked what it would take to persuade them to download and hand over sensitive company information to a stranger, with suggested incentives ranging from a "slap up meal" to offers of over ten million pounds.

Such disloyalty wasn't easily purchased, with two-thirds of those with flexible ethics saying they'd only engage in a spot of industrial espionage for at least one million pounds, although 10 per cent would do it if their mortgage was paid off.

Around one in twenty of the sample would do it for modest inducements of a holiday, getting rid of credit card debt or a new job, respectively. One in 50 told researchers running the poll that they'd be willing to hand over their company’s crown jewels in exchange for a slap up meal.

When the requested information changed to credit card details or security codes, then employees became harder to bribe, with 80 per cent refusing to hand over the data at any price.

Workers quizzed had access to a range of information ranging from customer data bases (83per cent) to business plans (72 per cent), accounting systems (53 per cent), and IT admin passwords (37 per cent).

Two thirds (68 per cent) of employees reckon it would be easy to sneak data out of their organisation. One third felt less loyalty to the organisation they worked for against five per cent who felt more loyalty, compared to a year ago.

In previous years, Infosecurity surveys have concentrated on what little inducement workers need to hand over their passwords (biros, choccy bars, take your pick). This year around the show organisers have upped the ante, with a pitch calculated to push the message that in an uncertain economy, firms should be more wary of their workers.

The argument is that firms should install Data Leak Protection technology, undoubtedly music to the ears of Infosec's exhibitors.

It's conventional wisdom that corrupt insiders - rather than hackers - pose the greatest security threat, but a recent survey by Verizon Business, which looked at real incidents of data breaches, found the opposite. The Verizon survey is well worth thinking about before placing too much weight on what people are apt to say at train stations. ®

5 things you didn’t know about cloud backup

More from The Register

next story
Goog says patch⁵⁰ your Chrome
64-bit browser loads cat vids FIFTEEN PERCENT faster!
Chinese hackers spied on investigators of Flight MH370 - report
Classified data on flight's disappearance pinched
KER-CHING! CryptoWall ransomware scam rakes in $1 MEEELLION
Anatomy of the net's most destructive ransomware threat
NIST to sysadmins: clean up your SSH mess
Too many keys, too badly managed
Scratched PC-dispatch patch patched, hatched in batch rematch
Windows security update fixed after triggering blue screens (and screams) of death
Researchers camouflage haxxor traps with fake application traffic
Honeypots sweetened to resemble actual workloads, complete with 'secure' logins
prev story

Whitepapers

Gartner critical capabilities for enterprise endpoint backup
Learn why inSync received the highest overall rating from Druva and is the top choice for the mobile workforce.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Rethinking backup and recovery in the modern data center
Combining intelligence, operational analytics, and automation to enable efficient, data-driven IT organizations using the HP ABR approach.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.