73 Percent of Companies Still Haven't Updated Their Privilege Management Policies

Share it on Twitter  
Share it on Facebook  
Share it on Linked in  

According to the results of a recent survey of 348 decision-making information security professionals, while 52 percent said news about the Edward Snowden NSA scandal has caused them to reconsider their approach to user and systems administrator privileges, 73 percent admitted that their organizations' privilege management policies have remained unchanged.

The survey, conducted by Avecto at the McAfee FOCUS 2013 conference in October 2013, also found that 33 percent of respondents said rogue employees present the most important security threat to their organization, while 40 percent said the same of malware.

And while more than 50 percent of respondents said their system administrators posed moderate to high risk to their network, only 20 percent are aware of how many server administrators in their organization currently have administrator rights.

"Media attention around the NSA's high-profile breach has created a significant turning point in how organizations think about security, with the IT function now increasingly aware of how attacks can stem from users and system admins with excess privileges," Avecto CEO Mark Austin said in a statement. "But awareness alone is not enough for network protection. Closing the disparity between those who realize the risks and those who are actively mitigating them is essential if organizations are to effectively defend against cybercrime, especially in today's advanced threat landscape."