Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Protection

Data Snooping a Big Problem at All Levels – Intellectual Property Theft a Major Concern

Snooping, the unauthorized use of access privileges to view sensitive or confidential data within an organization, is on the rise according to Cyber-Ark Software’s fourth annual “Trust, Security and Passwords” survey of senior IT professionals in the US and UK.

Cyber-Ark Software

Snooping, the unauthorized use of access privileges to view sensitive or confidential data within an organization, is on the rise according to Cyber-Ark Software’s fourth annual “Trust, Security and Passwords” survey of senior IT professionals in the US and UK.

Cyber-Ark Software

Forty-one percent of the more than four hundred respondents confessed to abusing administrative passwords in order to snoop on their colleagues – up from 33 percent in both 2008 and 2009. US respondents targeted customer databases first (38 percent versus 16 percent in the UK) with HR records most alluring to UK respondents (30 percent versus 28 percent in the US).

The good news is that organizations are trying harder to curb snooping and are installing stronger controls to prevent these incidents. It’s working. In 2009, 77 percent of respondents said they could circumvent controls on snooping. This year, the figure was down to 61 percent.

The survey found that 67 percent of respondents admitted having accessed information that was not relevant to their role. When asked which department was more likely to snoop and look at confidential information, more than half (54 percent) identified IT, a natural choice given that group’s power and broad responsibility for managing multiple systems across the organization.

Customer Lists and R&D Plans

At the macro, company-to-company level, 35 percent of respondents believe their company’s highly-sensitive information has been handed over to competitors. Ex-employees were cited as the most likely culprits.

The next most likely cause was human error, at 28 percent. External hacks and loss of mobile devices or laptops tied for third at 10 percent. The most likely types of information to end up in competitors’ hands were customer databases (26 percent) and R&D plans (13 percent).

Written By

Click to comment

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Cyberwarfare

Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Network Security

NSA publishes guidance to help system administrators identify and mitigate cyber risks associated with transitioning to IPv6.

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Cybersecurity Funding

Forward Networks, a company that provides network security and reliability solutions, has raised $50 million from several investors.

Application Security

Many developers and security people admit to having experienced a breach effected through compromised API credentials.

Network Security

Attack surface management is nothing short of a complete methodology for providing effective cybersecurity. It doesn’t seek to protect everything, but concentrates on areas...

Network Security

Cisco patched a high-severity SQL injection vulnerability in Unified Communications Manager (CM) and Unified Communications Manager Session Management Edition (CM SME).