In study, 80 percent say they're more concerned about employees and contractors

Dark Reading Staff, Dark Reading

June 24, 2009

1 Min Read

Eighty percent of chief information security officers (CISOs) believe that employees and contractors present a greater threat to their data than external hackers, according to a study released earlier today.

The study, conducted by NetWitness and MIS Training Institute, was conducted at the 6th Annual CISO Executive Summit in Lisbon, Portugal, this month. Only 18 percent of the respondents said they considered hackers or nation-sponsored attacks to be a greater threat than insiders.

One in 10 CISOs reported they are not planning on spending any new monies on security this year, and are trying to just survive with their existing technology investments, the study says.

Twenty-six percent view governance, risk, and compliance (GRC) verification as the primary business driver for security spending in the next 12 months.

One-third of respondents believe firewalls alone provide adequate protection against data leaks. One-quarter of CISOs reported either not having the correct data leakage protection technology, or not knowing what they should have.

"What is really alarming is the misperception that traditional security approaches alone can protect against information leaks," says Sara Hook, conference director for EMEA at MIS Training Institute. Hook also expressed concern that "some CISOs were not sure what they need for data protection, or were not planning to focus any money in that area this year."

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.

About the Author(s)

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights