Varonis recently released the third and final part of a study about data protection and enterprise security with the Ponemon Research institute: Differences in Security Practices and Vigilance across UK, France, Germany and US .
This report compares survey responses of more than 3,000 IT professionals and end-user employees in UK, France, Germany and US. The survey was conducted to determine the security gaps within organizations that can lead to data breaches and ransomware.
Some key findings from Release 3 include:
Employees in the UK, France, Germany, and the US say insiders who are negligent are more likely to put the organization’s data at risk than external attackers or insiders acting with malicious intent. 50% of German employees say they take all appropriate steps to protect the company data they access and use. (Compared with 39% of UK employees, 37% of French employees and 35% of US employees) 44% of German employees say their organizations strictly enforce policies against the misuse or unauthorized access to company data (Well above the responses to the same question in the UK (35%), US (32%) and France (29%).) 39% of IT professionals in Germany believe their organizations fully enforce a strict least privilege model (which means access to company data only on a need-to-know basis) for file shares and other collaborative data stores. (Much higher than the confidence levels in the US (29%), France (25%) and UK (23%).) Although German IT pros are least likely to say their organizations have experienced ransomware (12% compared with 17% in the US, 16% in France and 13% in the UK), they express the highest levels of concern about the threat of ransomware (83% very or extremely concerned in Germany compared with 80% in France, 77% in the US and 63% in the UK). Asked if their organizations have experienced the loss or theft of data in the last two years, the highest response among IT people was in the US (82%), followed by France (80%), UK (76%), and Germany (64%). In Germany, both employee end users (30%) and IT staff (45%) are more likely than in the other countries to believe their management would accept a decline in productivity in order to prevent security risks. The same question produced less optimism about this balance in the UK (25% of employees, 34% of IT), France (23% of employees, 35% of IT), and the US (21% of employees, 30% of IT). The top three security threats that most concern IT professionals differ in each country. However, it was concluded that IT Professionals in Germany are more confident about data protection than the other countries surveyed: France: Insiders who are negligent: 67% Outside attackers who compromise insider credentials: 53% Malicious contractors: 40% UK: Insiders who are negligent: 61% Outside attackers who compromise insider credentials: 55% Malware: 47% US: Insiders who are negligent: 61% Outside attackers who compromise insider credentials: 55% Malware: 47% Germany: Outside attackers who compromise insider credentials: 66% Malware: 46% Malicious contractors: 41% Insiders who are negligent: 36%Despite the differences among the countries in regards to security threats, the continuing increase in data loss and theft is consistent. Sensitive information, which is valuable to all companies, needs to be well-protected, and access and activity needs to be monitored.
Find out how Varonis helps reduce risk and increase productivity and efficiency .
Further Reading:
Release 1 of the 2016 report, titled “Closing Security Gaps to Protect Corporate Data: A Study of U.S. and European Organizations,” can be foundhere. Key findings included a huge rise in data loss. Release 2, titled “The Widening Gap between IT and End Users,” can be foundhere. It compares end-user practices and beliefs with those of their colleagues in IT security.