NewsOctober 6, 2016 @ 12:26 PM

Top Concerns Vary Among Global IT Employees, According to Varonis Ponemon Study

A new Ponemon Institute study sponsored by software provider Varonis found that information security professionals in Germany are more confident about their threat protection capabilities than their counterparts in the U.S., U.K. and France.

The study, titled “Differences in Security Practices and Vigilance Across U.K., France, Germany and U.S.,” took a transnational view of software practices.

The Varonis Ponemon study surveyed a pool of 3,027 IT professionals, including 1,109 in the U.S., 670 in Germany, 655 in the U.K. and 593 in France. These experts were working for companies that vary widely in size and industry.

Key Takeaways From the Varonis Ponemon Study

Respondents from all locales included in the study agreed that irresponsible insiders pose a greater threat than external attackers or malicious insiders. From there, however, differences began to emerge.

Thirty-nine percent of IT professionals in Germany are confident their organizations enforce a “strict least privilege model,” meaning access to data is meted out “only on a need-to-know basis.” Comparatively, IT professionals in the U.S. (29 percent), France, (25 percent) and U.K. (23 percent) indicated much lower confidence levels.

Of the participants in the U.S., 82 percent said they had suffered data loss within the last two years. France ranked second in this category (80 percent), followed but the U.K. (76 percent) and Germany (64 percent).

Top Three Threats

Respondents from the U.S. and U.K. indicated that insiders posed the greatest security threat, followed by external fraudsters and malware. In fact, the percentages even broke down exactly the same way: Among respondents in both regions, 61 percent ranked insiders as the top threat, with outside cybercriminals (55 percent) and malware (47 percent) trailing close behind.

Sixty-seven percent of French respondents agreed that insider negligence was the greatest threat, with another 53 percent saying external criminals pose the second-greatest security threat. At 40 percent, malicious contractors ranked as the third-highest threat among French participants in the study.

Once again, Germany is the outlier. German IT professionals indicated that external cybercriminals seeking to compromise employee login credentials (66 percent) posed the greatest threat, followed by malware (46 percent) and nefarious contractors (41 percent). Insider negligence (36 percent) ranked fourth among German respondents.

“Cultural and business norms vary from country to country, especially in the balance between employee privacy and organizational security,” the study read. “This can affect attitudes, preparedness and resistance to insider threats and cyberattacks.”

Share this Article:
Larry Loeb

Principal, PBC Enterprises

Larry Loeb has written for many of the last century's major "dead tree" computer magazines, having been, among other things, a consulting editor for BYTE magazine and senior editor for the launch of WebWeek. He wrote for IBM's DeveloperWorks site for seven years and has written a book on the Secure Electronic Transaction Internet protocol. His latest book has the commercially obligatory title of Hack Proofing XML. He's been online since uucp "bang" addressing (where the world existed relative to !decvax), serving as editor of the Macintosh Exchange on BIX and the VARBusiness Exchange.