Study finds cybersecurity pros are hiding breaches, bypassing protocols, and paying ransoms


  • Study finds cybersecurity pros are hiding breaches, bypassing protocols, and paying ransoms - TechRepublic
    http://www.techrepublic.com/article/study-finds-cybersecurity-pros-are-hiding-breaches-bypassing-protocols

    Cybersecurity company Bromium has found that an average of 10% of security professionals have quietly paid ransomware demands, and that 35% have admitted to circumventing, disabling, or otherwise bypassing their organization’s security.

    The startling numbers come from research that began at RSAC 2017 and continued afterward due to the numbers above, which startled Bromium’s research team.

    “While we expect employees to find workarounds to corporate security, we don’t expect it from the very people overseeing the operation,” said Bromium co-founder and CTO Simon Crosby. “To find from their own admission that security pros have actually paid ransoms or hidden breaches speaks to the human-factor in cyber security.”

    The study also suggests something else that should alarm anyone with a network to secure: Those numbers only account for security professionals who admit their mistakes.
    […]
    Another, more troubling, possibility is something we’ve written about at TechRepublic before: Those who consider themselves tech-savvy are more likely to get hacked. Professionals may have an attitude of “it won’t happen to me” due to their knowledge and training, but one moment of complacency is all a dedicated hacker needs to find an exploit.

    “[Highly privileged users are] inclined to believe that they are highly vigilant and therefore more secure, when in fact they have become blasé about the operational security needs,” Crosby said. “Just as you cannot train users not to click on plausible looking links, attachments and files, you cannot train IT Pros to remain vigilant.”

    #selon_une_étude_récente (according to a recent study) conducted by a solutions vendor, but still… there are also recommendations that don’t rely on that vendor’s product.

    Bromium’s solution comes in the form of its own micro-VM product, but if you don’t have the budget or desire to completely overhaul your system that isn’t a feasible option. That doesn’t mean that you can’t improve security, however.
    • Minimize security fatigue by using a single sign-on system like Okta, Shibboleth, or OneLogin. Users can store all their credentials behind one secure system, saving time and headaches.
    • Do a better job of filtering security alerts and notifications to your IT team. It may take more time to set up a system that minimizes notices and only sends them to the necessary people, but it will make alerts seem more important when they are received.
    • If necessary, create an extra level of administrative privileges that lives between regular users and true admins. Restrict privileges a bit to force your line IT staff to conform to security standards.
    • Train, train, train, then keep training. Make sure your team knows you’ll hold them accountable when something happens (and be sure to say when, not if).