Thirty seven percent of London workers would hand over their company secrets to a total stranger if they were offered a million pounds especially now that employee loyalty is at an all time low, with a third of workers saying they felt a lot less loyal towards their employers than they did a year ago.
Researchers from Infosecurity Europe Europes largest IT security event which takes this week, asked commuters in London railway stations what it would take to tempt them to download and hand over sensitive company information to a stranger, offering incentives ranging from a slap up meal to offers of over ten million pounds.
Of the 37% of workers who could be corrupted 63% would only hand over sensitive data for at least one million pounds, 10% would do it if their mortgage was paid off, 5% would do it for a holiday, 4% for getting rid of their credit card debt and 5% would do it for a new job. The surprised researchers couldnt believe their ears when 2% of the workers admitted that they would hand over their companys crown jewels just for a free slap up meal.
The types of information that the workers had access to included customer data bases (83%); Business Plans (72%); Accounting Systems (53%); Human Resources data bases (51%); and IT Admin Passwords (37%).
Two thirds (68%) of employees think it is easy to sneak information out of their organisation and 88% of employees thought that the information that they had access to was valuable. More than half of the workers in the survey (55%) said they were more worried about losing their jobs than they were this time a year ago.
Its quite staggering that a third of people are open to bribery, although its encouraging that 63% of workers are honest and wouldnt give anything away not even for a million pounds! However, you cant count on peoples honesty to protect the assets of company, its down to an organisation to take steps to ensure their most valuable assets are locked down and protected, especially confidential customer data, said Tamar Beck, Group Event Director, Infosecurity Europe. Criminals are very adept at finding the vulnerable workers who can be tempted into betraying their employers, therefore, organisations should ensure that they have trained their people to protect sensitive information and have adequate technology and processes in place to help them enforce security policies that comply with current regulation and legislation.
When the information asked for changed to credit card information, account details or security codes then employees became harder to tempt with 80% refusing to take the risk and wouldnt provide this information at any price. For the 20% of employees who would pass on credit card information, account details or security codes, 68% would only do it for a million pounds, 7% if their mortgage was paid off, and 15% for paying off their credit cards.
Infosecurity Europe is the event that enables organisations to prepare for the potential onslaught on their information systems, it plays host to Europe's largest FREE educational programme where visitors have the opportunity to listen to a fantastic range of 150 experts including the David Blunkett MP who will give the Opening Address on the Rapidly Changing Face of Cybersecurity What Dangers For 2012. Lord Erroll will lead a keynote which looks at Who Got Caught Out in the Last 12 months and Dr. Nigel P Brown, from the Cabinet Office will lead a debate on the impact of the Global Credit Crunch on the Information Security Market. Lynn Lawton, International President for ISACA, will lead a discussion of the role that information security has in governance, risk & compliance; and James Brokenshire MP, will investigate the Dynamics of e-Crime. The panel on Externalisation features CISOs from Astra Zeneca; Eli Lilly; and BP.
Infosecurity Europe, running for its 14th year is Europes number one Information Security event. Featuring over 300 exhibitors, the most diverse range of new products and services, an unrivalled education programme and visitors from every segment of the industry, it is the most important date in the calendar for Information Security professionals across Europe. Infosecurity Europe runs from the 28th 30th April 2009, in its new venue Earls Court, London.