A third of company workers would give over their company secrets for the right price

(27/04/2009)

Researchers from Infosecurity Europe asked workers what it would take to tempt them to download and hand over sensitive company information to a stranger, offering incentives ranging from a ‘slap up meal’ to offers of over ten million pounds.

Would you sell your company’s secrets to a stranger for a million pounds? That’s the question put to 600 commuters last week at busy London railway stations and a third (37%) admitted that they would give over their company’s secrets for the right price.

Of the 37% of workers who could be corrupted 63% would only hand over sensitive data for at least one million pounds, 10% would do it if their mortgage was paid off, 5% would do it for a holiday, 4% for getting rid of their credit card debt and 5% would do it for a new job. The surprised researchers couldn’t believe their ears when 2% of the workers admitted that they would hand over their company’s crown jewels just for a free slap up meal.

The types of information that the workers had access to included customer data bases (83%); Business Plans (72%); Accounting Systems (53%); Human Resources data bases (51%); and IT Admin Passwords (37%).

Two thirds (68%) of employees think it is easy to sneak information out of their organisation and 88% of employees thought that the information that they had access to was valuable. More than half of the workers in the survey (55%) said they were more worried about losing their jobs than they were this time a year ago.

Employee loyalty has changed too with a third saying they felt a lot less loyalty to their employers than a year ago, however 5% were more loyal as they felt they had job security.

“It’s quite staggering that a third of people are open to bribery, although it’s encouraging that 63% of workers are honest and wouldn’t give anything away not even for a million pounds! However, you can’t count on people’s honesty to protect the assets of company, it’s down to an organisation to take steps to ensure their most valuable assets are locked down and protected, especially confidential customer data”, said Tamar Beck, Group Event Director, Infosecurity Europe.

“Criminals are very adept at finding the vulnerable workers who can be tempted into betraying their employers, therefore, organisations should ensure that they have trained their people to protect sensitive information and have adequate technology and processes in place to help them enforce security policies that comply with current regulation and legislation.”

When the information asked for changed to credit card information, account details or security codes then employees became harder to tempt with 80% refusing to take the risk and wouldn’t provide this information at any price. For the 20% of employees who would pass on credit card information, account details or security codes, 68% would only do it for a million pounds, 7% if their mortgage was paid off, and 15% for paying off their credit cards.

Infosecurity Europe runs from the 28th – 30th April 2009, in its new venue Earls Court, London.

Related topics:  Data management and data security   Hacking and intrusion prevention   Security management and policies 

Print version | Email to a friend | Related articles

Data breaches: Trends, costs and best practices gives you all the latest information on securing personal and corporate data, key recommendations for immediate action to improve data security, and how to respond to data breaches.

Other Security news and resources