Editorial & Advertiser Disclosure Global Banking And Finance Review is an independent publisher which offers News, information, Analysis, Opinion, Press Releases, Reviews, Research reports covering various economies, industries, products, services and companies. The content available on globalbankingandfinance.com is sourced by a mixture of different methods which is not limited to content produced and supplied by various staff writers, journalists, freelancers, individuals, organizations, companies, PR agencies Sponsored Posts etc. The information available on this website is purely for educational and informational purposes only. We cannot guarantee the accuracy or applicability of any of the information provided at globalbankingandfinance.com with respect to your individual or personal circumstances. Please seek professional advice from a qualified professional before making any financial decisions. Globalbankingandfinance.com also links to various third party websites and we cannot guarantee the accuracy or applicability of the information provided by third party websites. Links from various articles on our site to third party websites are a mixture of non-sponsored links and sponsored links. Only a very small fraction of the links which point to external websites are affiliate links. Some of the links which you may click on our website may link to various products and services from our partners who may compensate us if you buy a service or product or fill a form or install an app. This will not incur additional cost to you. A very few articles on our website are sponsored posts or paid advertorials. These are marked as sponsored posts at the bottom of each post. For avoidance of any doubts and to make it easier for you to differentiate sponsored or non-sponsored articles or links, you may consider all articles on our site or all links to external websites as sponsored . Please note that some of the services or products which we talk about carry a high level of risk and may not be suitable for everyone. These may be complex services or products and we request the readers to consider this purely from an educational standpoint. The information provided on this website is general in nature. Global Banking & Finance Review expressly disclaims any liability without any limitation which may arise directly or indirectly from the use of such information.

STUDY FINDS EMPLOYEES, IT PROFESSIONALS IN GERMANY MORE CONFIDENT ABOUT PROTECTION OF IMPORTANT DATA THAN IN US, UK, FRANCE

Varonis-Sponsored Ponemon Institute Survey Contrasts Security Practices, Vigilance

Employees and IT professionals in German organisations are more confident about their ability to resist the growing risks of cyberattacks and insider threats than their counterparts in the US, UK and France. Those are among the findings from a new study of more than 3,000 end-user employees and IT practitioners across the U.S. and Europe.

The report was conducted by the Ponemon Institute and sponsored by Varonis Systems, Inc. (NASDAQ:VRNS), a leading provider of software solutions that protect data from insider threats and cyberattacks. The new release, “Differences in Security Practices and Vigilance Across UK, France, Germany and US,” compares the responses of IT professionals and end-user employees in these four countries. The total of 3,027 respondents included 1,109 people in the United States, 670 people in Germany, 655 people in the UK, and 593 people in France, who work in organisations ranging in size from dozens to tens of thousands of employees in a variety of industries including financial services, public sector, health care and life sciences, retail, industrial, and technology and software.

Among the key findings:

  • Employees in the UK, France, Germany, and the US all say insiders who are negligent are more likely to put the organisation’s data at risk than external attackers or insiders acting with malicious intent.
  • Fifty percent of German employees say they take all appropriate steps to protect the company data they access and use, compared with 39 percent of UK employees, 37 percent of French employees and 35 percent of US employees.
  • Forty-four percent of German employees say their organisations strictly enforce policies against the misuse or unauthorized access to company data, well above the responses to the same question in the UK (35 percent), US (32 percent) and France (29 percent).
  • Thirty-nine percent of IT professionals in Germany believe their organisations fully enforce a strict least privilege model (which means access to company data only on a need-to-know basis) for file shares and other collaborative data stores, much higher than the confidence levels in the US (29 percent), France (25 percent) and UK (23 percent).
  • Although German IT pros are least likely to say their organisations have experienced ransomware (12 percent compared with 17 percent in the US, 16 percent in France and 13 percent in the UK), they express the highest levels of concern about the threat of ransomware (83 percent very or extremely concerned in Germany compared with 80 percent in France, 77 percent in the US and 63 percent in the UK).
  • Asked if their organisations have experienced the loss or theft of data in the last two years, the highest response among IT people was in the US (82 percent), followed by France (80 percent), UK (76 percent), and Germany (64 percent).
  • In Germany, both employee end users (30 percent) and IT staff (45 percent) are more likely than in the other countries to believe their management would accept a decline in productivity in order to prevent security risks. The same question produced less optimism about this balance in the UK (25 percent of employees, 34 percent of IT), France (23 percent of employees, 35 percent of IT), and the US (21 percent of employees, 30 percent of IT).
  • The top three security threats that most concern IT professionals differ in each country:
    • France: Insiders who are negligent: 67 percent, outside attackers who compromise insider credentials: 53 percent, malicious contractors: 40 percent
    • UK: Insiders who are negligent: 61 percent, outside attackers who compromise insider credentials: 55 percent, malware: 47 percent
    • US: Insiders who are negligent: 61 percent, outside attackers who compromise insider credentials: 55 percent, malware: 47 percent
    • Germany: Outside attackers who compromise insider credentials: 66 percent, malware: 46 percent, malicious contractors: 41 percent (insiders who are negligent ranked fourth: 36 percent)

Commenting on the findings, Dr. Larry Ponemon, Chairman and Founder of Ponemon Institute, a leading research center dedicated to privacy, data protection and information security policy, said, “Cultural and business norms vary from country to country, especially in the balance between employee privacy and organisational security. This can affect attitudes, preparedness and resistance to insider threats and cyberattacks. The frequency and severity of data loss and theft continue to rise in a disturbing trajectory. There is far greater employee and third-party access to sensitive information than necessary. Monitoring access and activity around email and file systems is an essential part of protecting data. Executive and IT security leadership have an imperative to improve communication so that all employees and contractors understand their roles in contributing to the protection of important and sensitive data.”

David Gibson, Varonis Vice President of Strategy and Market Development, said, “This is a wake-up call about the lack of modern protections and the lack of leadership – both in the executive suite and among IT management. Most high-profile intrusions involve the theft of files and emails that were not protected.  Insider threats and outside attackers that compromised insider credentials have caused major damage to those organisations and their reputations. Varonis is helping thousands of organisations around the world address these challenges in ways that not only dramatically reduce risk, but also improve productivity and efficiency.”