Slashdot Mirror

← Back to Stories (view on slashdot.org)

Senior Managers Are the Worst Information Security Offenders

Posted by Unknown on from the security-is-for-little-people dept.

An anonymous reader writes "As companies look for solutions to protect the integrity of their networks, data centers, and computer systems, an unexpected threat is lurking under the surface — senior management. According to a new survey, 87% of senior managers frequently or occasionally send work materials to a personal email or cloud account to work remotely, putting that information at a much higher risk of being breached. 58% of senior management reported having accidentally sent the wrong person sensitive information (PDF), compared to just 25% of workers overall."

7 of 181 comments (clear)

  1. Shocking... by fuzzyfuzzyfungus · · Score: 4, Insightful

    Who would have thought that immunity from consequences would lead to carelessness?

  2. Re:Seen it on the job: by Ben4jammin · · Score: 5, Insightful

    It will be a revelation to senior management.

    They will in fact need reports such as this to recognize the reality that all us IT workers have known for years. See, the fact that you don't understand that is why you are likely not in senior management :)

  3. Re:Seen it on the job: by Penguinisto · · Score: 5, Insightful

    Sad, but true.

    I remember a CEO of a moderate-sized corp (!?) who didn't see the need for locking down his Blackberry.... until he lost it one night while out on the town. Took me all of five minutes to crawl out of bed and wipe/lock the device remotely via BES, but the funny part was that it took that incident (and a gentle explanation of why I wiped his device - he originally wanted me to "locate" it for him) before he figured out that security was more than just a buzzword that got in his way.

    --
    Quo usque tandem abutere, Nimbus, patientia nostra?
  4. Re:Sampling bias by Trepidity · · Score: 4, Insightful

    Trying to get them to follow any kind of IT policy is nearly futile as well. Many recognize the need for an IT policy in the abstract, and will be happy to sign off on something that the average worker has to follow, but they see themselves as a special case that needs more freedom to operate as they see fit.

    --
    10 PRINT CHR$(205.5+RND(1)); : GOTO 10
  5. Re:Seen it on the job: by MickyTheIdiot · · Score: 4, Insightful

    So the moral of the story is we should all get together and set up a Gartner-like "consulting" firm where we make C*O's pay million dollar consulting fees and (unlike Gartner) they get the common-sense information they can get from any security text book since the C*Os will only listen to advice that they pay a bazillion dollars for. They are mentally incapable of listening to the smart IT guy in their department that they pay $40k a year.

  6. Re:Seen it on the job: by cusco · · Score: 5, Insightful

    I work in physical security. Executives are bad, but the absolute worst are doctors. There is a local hospital where the keypad code (1234) for the 'Doctors Entrance' hasn't changed in 23 years, because the doctors refuse to remember their own 4-digit code. Every attempt to change it has resulted in surgeons immediately marching into the executive offices and threatening to quit (really). Even an irate and armed ex-husband entering the hospital through that door didn't convince them. Getting them to use a key card is almost impossible unless they can have one card to leave in the Mercedes, another for the Porsche, and another in their desk that they can retrieve by tailgating into the building. /rant

    --
    "Think about how stupid the average person is. Now, realise that half of them are dumber than that." - George Carlin
  7. Re: Seen it on the job: by Bengie · · Score: 5, Insightful

    The value of money is relative to the cost of living. Keep your $100k/year job with $300k house and 3 hours commute. I'll stick with my lower paying job in a smaller town with a $100k house that is much larger than yours and 5 minute commute.