Senior Managers Are the Worst Information Security Offenders 181
An anonymous reader writes "As companies look for solutions to protect the integrity of their networks, data centers, and computer systems, an unexpected threat is lurking under the surface — senior management. According to a new survey, 87% of senior managers frequently or occasionally send work materials to a personal email or cloud account to work remotely, putting that information at a much higher risk of being breached. 58% of senior management reported having accidentally sent the wrong person sensitive information (PDF), compared to just 25% of workers overall."
Friggin crazy (Score:1, Interesting)
As a senior, but with practical security experience, plenty of it, I can tell you what is happening is the younger crowd are FAR more likely to lie about having sent business information. The older one gets, the less they care about lying to cover their ass.
Secondly I will say that in every job I worked, I knew a lot more about security than the company did. An exception might be the companies that specifically hired me, to breach security at their companies, as proof their college educated certified IT people were clueless. Someone on the board of those companies knew the difference between book smart and actually smart.
Great example; the white house;
me: why does CICS have all these storage violations everyday?
OPM: oh they are nothing, just program bugs
me: no, they are storage violations. You can't tell the difference between a program bug and someone intentionally going after info.
OPM: your fired.
Guess what news story was next to be covered up and swept under the rug?
Bosses, senior or not, who do not want to hear bad news is what leads to things like the Healthcare rollout fiasco. And they are the #1 security problem in I.T. as well.
Epic facepalm moments (Score:5, Interesting)
Then one day it happened. She decided to send out a mass email to all staff, and composed it by hitting Reply on one of my emails. I got into work, checked my email, and did the biggest head-desk of my life. She had replied to one of my emails where we'd been discussing employee bonuses and pay raises, including extensive deliberation over what we were going to tell certain employees in their annual performance review. That lengthy discussion was quoted and got sent to the entire staff. Fortunately the damage wasn't as severe as it could have been - the four employees we'd discussed in the email thread were all good employees so most of our comments had been positive.
On the up side, it broke her habit. She never composed a new email by hitting Reply again.
Re:Seen it on the job: (Score:5, Interesting)
Re:Seen it on the job: (Score:5, Interesting)
No, it won't. Senior managers are very often less intelligent than the people they oversee. What senior managers possess is greater (but misplaced) confidence in their own abilities and/or some level of sociopathy. These conditions lead to willful bindness of their own failings.