2020 RSA Conference Survey –
What’s Your Risk Score?
Download Report
At the 2020 RSA Conference, Gurucul conducted a survey about the risky behaviors of IT Security professionals. We wanted to gauge how common it is for IT security personnel – who are most attuned to today’s cyber threats – to engage in risky behaviors. Nearly 300 RSA Conference attendees, across all main vertical markets, completed the survey. Key findings include:
- More than one third (38%) of respondents send company documents to their personal email.
- Nearly two thirds (63%) have accessed company documents that have nothing to do with their job roles.
- 47% of security pros have clicked on a link in an email from someone they didn’t know.
- Nearly one in five (19%) respondents have abused their privileged access to view sensitive data. (That number spikes to 36% among those who’ve had a poor job performance review.)
- A fifth (20%) of IT security professionals have voiced their frustrations with work on social media. That number rises to 48% for people who’ve had a poor job performance review.
What’s Your Risk Score? Download the full report today for details on why behavior is the leading threat indicator – of insider threats.
‛‛ Today’s most damaging security threats do not originate from malicious outsiders or malware but from trusted insiders with access to sensitive data and systems – both malicious insiders and negligent insiders. ’’
– 2020 Insider Threat Report, Cybsersecurity Insiders
Gurucul is a global cyber security company that is changing the way organizations protect their most valuable assets, data and information from insider and external threats both on-premises and in the cloud. Gurucul’s real-time Unified Security and Risk Analytics Platform provides Analytics-Driven SIEM, UEBA, XDR, Risk-Driven SOAR, Identity Analytics, and Fraud Analytics. It combines machine learning behavior profiling with predictive risk-scoring algorithms to predict, prevent and detect breaches. Gurucul technology is used by Global 1000 companies and government agencies to fight cybercrimes, IP theft, insider threat and account compromise with high efficacy detections as well as for log aggregation, compliance and risk based security orchestration and automation for real-time extended detection and response.
