Survey reveals a third of workers can be bribed

by Michael Smith (Veshengro)

Would you sell your company’s secrets to a stranger for a million pounds?

That was the exact question that was put to 600 commuters recently at busy London railway stations and more than a third (37%) admitted that they would give over their company’s secrets for the right price.

Researchers from Infosecurity Europe – Europe’s largest IT security event which takes place next week, asked workers what it would take to tempt them to download and hand over sensitive company information to a stranger, offering incentives ranging from a ‘slap up meal’ to offers of over ten million pounds.

Of the 37% of workers who could be corrupted 63% would only hand over sensitive data for at least one million pounds, 10% would do it if their mortgage was paid off, 5% would do it for a holiday, 4% for getting rid of their credit card debt and 5% would do it for a new job. The surprised researchers couldn’t believe their ears when 2% of the workers admitted that they would hand over their company’s crown jewels just for a free slap up meal.

The types of information that the workers had access to included customer data bases (83%); Business Plans (72%); Accounting Systems (53%); Human Resources data bases (51%); and IT Admin Passwords (37%).

Two thirds (68%) of employees think it is easy to sneak information out of their organisation and 88% of employees thought that the information that they had access to was valuable. More than half of the workers in the survey (55%) said they were more worried about losing their jobs than they were this time a year ago.

Employee loyalty has changed too with a third saying they felt a lot less loyalty to their employers than a year ago, however 5% were more loyal as they felt they had job security.

“It’s quite staggering that a third of people are open to bribery, although it’s encouraging that 63% of workers are honest and wouldn’t give anything away not even for a million pounds! However, you can’t count on people’s honesty to protect the assets of company, it’s down to an organisation to take steps to ensure their most valuable assets are locked down and protected, especially confidential customer data”, said Tamar Beck, Group Event Director, Infosecurity Europe. “Criminals are very adept at finding the vulnerable workers who can be tempted into betraying their employers, therefore, organisations should ensure that they have trained their people to protect sensitive information and have adequate technology and processes in place to help them enforce security policies that comply with current regulation and legislation.”

When the information asked for changed to credit card information, account details or security codes then employees became harder to tempt with 80% refusing to take the risk and wouldn’t provide this information at any price. For the 20% of employees who would pass on credit card information, account details or security codes, 68% would only do it for a million pounds, 7% if their mortgage was paid off, and 15% for paying off their credit cards.

To say that such finding be worrying would be more than an understatement. I wonder what answers we would get if we would ask people that have access to this country's secrets. I would not be surprised if the replies there, especially amongst the “ordinary” staff, would be the same. This does not bode well for your and my personal data that is held here and there and accessible by call center staff working for the various agencies. No wonder, therefore, that identities are being cloned at an alarming rate.

Infosecurity Europe is the event that enables organisations to prepare for the potential onslaught on their information systems, it plays host to Europe's largest FREE educational programme where visitors have the opportunity to listen to a fantastic range of 150 experts including the David Blunkett MP who will give the Opening Address on the Rapidly Changing Face of Cybersecurity – What Dangers For 2012. Lord Erroll will lead a keynote which looks at Who Got Caught Out in the Last 12 months and Dr. Nigel P Brown, from the Cabinet Office will lead a debate on the impact of the Global Credit Crunch on the Information Security Market. Lynn Lawton, International President for ISACA, will lead a discussion of the role that information security has in governance, risk & compliance; and James Brokenshire MP, will investigate the Dynamics of e-Crime. The panel on Externalisation features CISOs from Astra Zeneca; Eli Lilly; and BP.

Infosecurity Europe, running for its 14th year is Europe’s number one Information Security event. Featuring over 300 exhibitors, the most diverse range of new products and services, an unrivalled education programme and visitors from every segment of the industry, it is the most important date in the calendar for Information Security professionals across Europe. Infosecurity Europe runs from the 28th – 30th April 2009, in its new venue Earls Court, London.

To register to attend or for more information please visit www.infosec.co.uk

© 2009
<>