A survey of 900 IT workers by One Identity found that Australian infosec professionals are among the worst when it comes to snooping with almost two-thirds admitting they have searched for information that is not necessary to their jobs. If you ask most CSOs and CISOs what they are most worried about and most will say internal threats are significant. But I wonder if they worry enough about their own departments.
While it's not all about stealing data and other malicious activity, anyone can fall prey to a social engineering attack or accidentally copy data to an unsecured or less secure location without fully thinking through the consequences. As well as infosec workers, the survey found 83% of Australian respondents report that employees attempt to access information they do not need for their day-to-day work.
The most snooped-on data is sensitive information about their company’s performance, apart from what is required to do for their job.
The management suite is also a hotspot for snooping with 71% of executives admitting they sought extraneous information, and 45% of executives admit to snooping for or accessing sensitive company performance information specifically.
Workers in smaller companies were also more likely to look for data they aren't meant to be looking for with respondents in tech companies also more likely to go data hunting.
You can access the report from One Identity's website.