Information Security
2012 TRUST, SECURITY & PASSWORDS SURVEY
JUNE 2012
©2012 Cyber-Ark Software, Inc. | www.cyber-ark.com
2
Contents page
Page 3 Pages 4 – 13
Executive Summary Key Report Findings Page 4: Insiders Considered Greatest Organizational Security Threat Page 5: Privileged Accounts Are Increasingly Targeted – Regardless of Attack Entry Point Page 5: High Profile Security Incidents Impact Organizational Security Strategies Page 6: Organizations are taking a broad approach to security in 2012 Page 7: Increasing Number of Organizations at Risk by Failing to Monitor Privileged Accounts Page 8: Motivated Insiders Get Around Current Controls Page 8: Employees Accessing Unauthorized Information Page 9: Administrative Passwords – Wide Ranging Access Page 10: Employees Plan on Taking Privileged Passwords on Way Out Page 12: Intellectual Property – Competitive Theft Page 13: Data Breach Notification Laws Fail to Curb Data Loss
Page 14 Appendix 1 – Sample Page 15 About Cyber-Ark and media contacts
©2012 Cyber-Ark Software, Inc. All rights reserved
3
Executive Summary
Cyber-Ark’s 2012 Trust, Security & Passwords survey is the sixth in a series of annual surveys focused on identifying key security trends amongst IT workers. The survey assesses the extent to which privileged accounts and passwords are being protected in organizations today, and also provides insight into the core threats that exist and the measures being taken to defend systems. The survey report is the result of interviews with 820 IT managers and C-level professionals across North America and EMEA, primarily from enterprise companies. The security landscape continues to evolve – businesses can no longer simply focus on securing the network perimeter in hopes of keeping attackers out. As the enterprise perimeter dissolves, and reports of internal and external threats increase, privileged access points have emerged as the primary target for enterprise attacks. Privileged
JUNE 2012
©2012 Cyber-Ark Software, Inc. | www.cyber-ark.com
2
Contents page
Page 3 Pages 4 – 13
Executive Summary Key Report Findings Page 4: Insiders Considered Greatest Organizational Security Threat Page 5: Privileged Accounts Are Increasingly Targeted – Regardless of Attack Entry Point Page 5: High Profile Security Incidents Impact Organizational Security Strategies Page 6: Organizations are taking a broad approach to security in 2012 Page 7: Increasing Number of Organizations at Risk by Failing to Monitor Privileged Accounts Page 8: Motivated Insiders Get Around Current Controls Page 8: Employees Accessing Unauthorized Information Page 9: Administrative Passwords – Wide Ranging Access Page 10: Employees Plan on Taking Privileged Passwords on Way Out Page 12: Intellectual Property – Competitive Theft Page 13: Data Breach Notification Laws Fail to Curb Data Loss
Page 14 Appendix 1 – Sample Page 15 About Cyber-Ark and media contacts
©2012 Cyber-Ark Software, Inc. All rights reserved
3
Executive Summary
Cyber-Ark’s 2012 Trust, Security & Passwords survey is the sixth in a series of annual surveys focused on identifying key security trends amongst IT workers. The survey assesses the extent to which privileged accounts and passwords are being protected in organizations today, and also provides insight into the core threats that exist and the measures being taken to defend systems. The survey report is the result of interviews with 820 IT managers and C-level professionals across North America and EMEA, primarily from enterprise companies. The security landscape continues to evolve – businesses can no longer simply focus on securing the network perimeter in hopes of keeping attackers out. As the enterprise perimeter dissolves, and reports of internal and external threats increase, privileged access points have emerged as the primary target for enterprise attacks. Privileged