Ex-employees 'a growing IT security threat'
Reprisals from former employees, and a lack of adequate security budgets and resources, are becoming major concerns for senior IT professionals, say senior executives.
The Ernst & Young 2009 Global Information Security Survey polled views from 1,900 senior executives in more than 60 countries: it reveals that 75 per cent of respondents are concerned with ‘possible reprisals’ from employees who have left their organisations. Furthermore, 42 per cent of respondents are trying to ‘understand the potential risks related to this issue’, and 26 per cent are ‘taking steps to mitigate them’.
Allocating adequate budget to information security continues to be a challenge in 2009, with 50 per cent of respondents ranking this as a significant challenge – a 17 per cent increase compared to 2008. This is notable, the survey’s authors say, given that 40 per cent of respondents indicated that they plan to increase their annual investment in information security as a percentage of total expenditure, and 52 per cent ‘plan on maintaining the same level of spending’.
“While the economy is still in recession, employees made redundant may feel resentful towards their previous employer in a number of ways that may affect the smooth operation of an organisation,” explains Ernst & Young partner in IT risk advisory Ricahrd Brown. “Increasingly, the employer’s IT system has become a common target, and data theft is also prevalent.”
Brown adds: “Our survey shows that the levels of internal and external risks continue to increase.”