An interesting new study commissioned by Cisco has just been released.CISCO Study The study focused on the behavior of people in various countries, when it comes to information security. It shows just how far we have to go. It’s a fascinating study about the attitudes and actions of non-IT personnel. The study surveyed 1,000 employees and 1,000 IT professionals from various industries and company sizes in 10 countries: the United States, the United Kingdom, France, Germany, Italy, Japan, China, India, Australia and Brazil. The countries were chosen because they represent a diverse set of social and business cultures, established and emerging network-dependent economies and varied levels of Internet adoption.
Some findings worth pondering:
50% of the non-IT personnel surveyed use company-issued computers to do personal business; almost 61% of users from China reported routinely getting email from a personal account.
An average of more than 4 in 10 users allow someone else to use their company-issued computer without supervision – France is highest with 58%.
People STILL write down their passwords and post them on their desk or monitor, especially in Italy (14%) and India (13%).
One our of five people report altering security settings so that they could visit unauthorized websites.
Seven of 10 IT professionals said employee access of unauthorized applications and Web sites ultimately resulted in as many as half of their companies’ data loss incidents.