A third of IT managers admit to hacking

A high percentage of IT personnel admitted to not following the same security protocols they are expected to enforce, according to Absolute Software. Of those surveyed, 33% of respondents admitted to successfully hacking their own or another organization and 45% admitted to knowingly circumventing their own security policies.

IT managers

The report found that security remains at the top of the IT spending list, with 87% of respondents expecting increased investment in security this year. Despite prioritizing security and increasing budgets, IT managers believe that employees or insiders represent the greatest security risk to an organization (46%).

This may be related to the fact that on average, 33% of all security protocols are not being followed by staff. It may also explain the high number of security breaches, with 38% of respondents experiencing a data breach within the past year.

IT decision makers also bear the brunt of responsibility. Of those surveyed, 78% believe IT managers are primarily responsible for the organization’s security. The report also showed that 65% of IT decision makers believe they would likely lose their job in the event of a security breach.

The age of the IT respondents also impacted the results, with younger professionals demonstrating a more optimistic and confident outlook for IT security.

IT managers

Younger professionals demonstrate more cavalier behavior

  • Most likely to hack their own organization: IT professionals aged 18-44 (41%), IT professionals 45+ (12%)
  • Most confident in containing a data breach: IT professionals aged 18-44 (92%), IT professional 45+ (79%)
  • Most comfortable with staffing levels in order to provide effective IT and data security: IT professionals aged 18-44 (89%), IT professionals 45+ (75%).

Methodology

The online survey was conducted from October 28, 2015 – November 11, 2015, among 501 U.S. adults age 18+ who met the following criteria:

  • Worked in an information security role and hold one of the following positions: IT Director/Executive, IT Manager, IT Administrator, IT Security, or Other IT / information security management role
  • Employed by a company with 50 or more employees.