In a perfect world, employees would have excellent cybersecurity habits and never put the company’s network or data at risk.
This isn’t a perfect world, however, and the reality is employees do a lot of things that mess with a CISO’s on-the-job sanity.
According to a survey commissioned by Sungard Availability Services, IT professionals see security as a serious threat to the organization, and this is largely due to employee behavior (or misbehavior).
The worst security offense, according to the 276 IT professionals who responded to the survey, is carelessness surrounding mobile devices, followed closely by poor password management. Both issues can easily lead to the type of data breach that could cost a CISO his or her job.
So, that being said, here are ten surefire ways to mess with your CISO and put your company’s important information at risk!
1. Leave your laptop in your car. Or forget your smartphone at the airport security line. Or run for a refill of coffee while your table sits unattended. Any time you put your device in a situation where it can be easily stolen, you are putting the corporate network and data at risk. Unfortunately, too many users don’t deploy the privacy settings on their devices, so when a device is lost or stolen, everything on it is readily available to the new “owner.”
2. Share passwords. More than fifty percent of the IT professionals surveyed for the Sungard Availability Services study said password sharing was one of their top security concern. There are two different, but very important, password sharing concerns. First is sharing a single password among multiple sites or access points. If someone guesses that password, he will gain access to a lot of bonus material because of employee laziness. Second is sharing a password with your co-workers. Edward Snowden was able to gain access to many unauthorized sites because fellow employees shared their passwords with him.