How Cultural Differences Impact IT Security

Karen A. Frenkel Avatar

Updated on:

How Cultural Differences Impact IT Security

How Cultural Differences Impact IT SecurityHow Cultural Differences Impact IT Security

New and entry-level employees pose the greatest security risks, according to a majority of U.S. and German IT professionals. Frequent travelers came in second.

More Security Incidents Caused by Unintentional ErrorsMore Security Incidents Caused by Unintentional Errors

70% of American IT security practitioners and 64% of their German counterparts say employees’ unintentional mistakes cause more security incidents than intentional and malicious acts.

Hard To Differentiate Malicious and Negligent IncidentsHard To Differentiate Malicious and Negligent Incidents

49% compared to 44% of U.S. and German respondents, respectively, say they cannot tell the difference between security incidents caused by careless employees versus those caused deliberately and maliciously.

Comparison of Negligent Versus Malicious AttacksComparison of Negligent Versus Malicious Attacks

American IT practitioners who can differentiate between maliciousness and negligence say they represent 70% of all insider security incidents, compared to 63% of German respondents.

Insider Negligence Decreases ProductivityInsider Negligence Decreases Productivity

Respondents spend an average of three hours daily dealing with security risks caused by employee mistakes or negligence. They also waste two hours due to insider carelessness.

Most Careless and Negligent EmployeesMost Careless and Negligent Employees

72% of U.S. respondents and 66% of German respondents say ordinary users pose the greatest security risk because of their negligence. Contractors and third parties followed at 50% and 64% of U.S. and German respondents, respectively.

Profile of Riskiest EmployeesProfile of Riskiest Employees

New and entry-level employees pose the greatest risk, according to 81% of U.S. respondents and 80% of German respondents. Frequent travelers came in second: 71% U.S. respondents, 68% German respondents.

Long Hours Affect RiskLong Hours Affect Risk

Employees who work too many hours pose a risk, according to 69% of U.S. and 56% of German respondents. On average U.S. employees work 48 hours per week, compared to German employees, who work 35 hours.

Multitasking Also Poses RisksMultitasking Also Poses Risks

According to 79% of U.S. respondents and 81% of German respondents, multitaskers are more likely to be careless or negligent.

Employees' Sloppiness Costs MoneyEmployees’ Sloppiness Costs Money

Asked to estimate how much IT security spending they could save if employee negligence and carelessness were reduced by 50%, U.S. respondents’ highest estimate was 37%. Their German counterparts’ estimate was 36%.

Different Explanations for Unintentional Insider RiskDifferent Explanations for Unintentional Insider Risk

U.S. IT practitioners point to employees improperly trained to follow data security policies and senior executives who don’t consider data security a priority. In contrast, they admit that their organizations lack safeguards to protect against careless employees.

Karen A. Frenkel Avatar