1/3 of companies have intellectual property stolen

Is your intel going missing?

According to Cyber-Ark® Software's fourth annual "Trust, Security and Passwords" global survey, 35 percent of respondents believe their company's highly-sensitive information has been handed over to competitors.

37 percent of the IT professionals surveyed cited ex-employees as the most likely source of this abuse of trust. While this may not be a surprising cause, what was even more revealing was that 28 percent suspected mere "human error" as the next most likely cause, followed by falling victim to an external hack or loss of a mobile device/laptop, each at 10 percent.

The most popular information shared with competitors was the customer database (26 percent) and R&D plans (13 percent).

The survey, that interviews more than 400 senior IT professionals both in the US and UK mainly from enterprise-class companies, reveals that more needs to be done to protect companies' most valued assets, especially if intellectual properties can be lost simply due to "human error".

In recent months, some companies have had some noticeable examples of human error exposing latest products, such as an Apple employee leaving an iPhone 4 in a bar leading to Gizmodo getting their hands on it.

The survey revealed that human error could expose a proprietary database or financial information and as such, organizations must employ additional layers of control such as the ability to grant privileges to sensitive data and systems on-demand.

This limits "innocent" mistakes by allowing access to information only when users need it to perform a particular task or query.

Snooping on rise

On top of such security breaches, it appears that snooping continues to rise within organizations both in the UK and the US. 41 percent of respondents confessed to abusing administrative passwords to snoop on sensitive or confidential information - an increase from 33 percent in both 2008 and 2009.

When examining the information that people were willing to circumvent the rules to access, US respondents targeted the customer database first (38 percent versus 16 percent in the UK) with HR records most alluring to UK respondents (30 percent versus 28 percent in the US).

Based on this year's survey, 61 percent responded they could circumvent those controls - a decrease from 77 percent in 2009. Additionally, 88 percent of IT professionals believe their use of these privileged accounts should be monitored. However, only 70 percent of organizations actually attempt to do so - with one-third turning a blind eye to what's happening within their networks and therefore failing to meet regulatory and compliance requirements.

Insider sabotage, unfortunately and rather disconcertingly, has increased from 20 percent last year to 27 percent this year.

Cyber-Ark® Software is a global information security company that specializes in protecting and managing privileged users, applications and highly-sensitive information to improve compliance, productivity and protect organizations against insider threats.

Relevant articles:

Cybercrime affecting the UK | Should you be switching to Windows 7? | Data leaks in the NHS

Like this article? Get the RSS feed: