Stats and Figures

What’s really going on inside the networks of today’s largest organizations? To find out, we anonymously poll IT professionals from organizations of all sizes, vertical markets and regions.

Here’s a snapshot of current trends in privileged access, advanced persistent threats and cloud computing - as told to us by today’s IT professionals.

BlackHat USA - 2015  

  • 92% believe that cyber security drills can help companies prepare for cyber attacks.
  • 64% only run cyber security drills, at most, annually.
  • 84% think unmanaged privileged credentials are the biggest cyber security vulnerability in their organizations.
  • Only 3% believe their organizations could immediately identify an advanced persistent threat on the network.

IT Professional - 2015

  • 89% of respondents think that huge financial hacks are happening more often than reported and right under the nose of the auditors.
  • 71% believe that an APT will attempt to breach their organization in the next six months.
  • 94% think that recently announced US federal government cyber security sanctions will act as a deterrent to hackers.
  • 29% do not think that their IT security staff can detect a cyber attack attempting to breach their network.

Information Security - 2015

  • 85% of respondents think it's difficult to find skilled It security personnel.
  • 76% believe that cyber attacks are evolving too fast to keep up with.
  • 34% have used their privileged access to snoop around the network.
  • 69% do not think they are using IT security products to their full potential.

State-Sponsored Cyber Attacks - 2014

  • More than 1 out of 5 respondents are no longer confident that perimeter security tools react quickly enough to stop APTs. 
  • 58% are not confident that their network has never been breached by a foreign state sponsored attack or an advanced persistent threat.
  • 59% think a state-sponsored attacker will attempt to breach their organization in the next six months.
  • 48% do not think their IT staff can detect the presence of an attacker who attempts to breach the network or extract private data.

Information Security - 2014

  • More than 13% of IT security professionals can access previous employers’ systems using their old credentials.
  • More than 16% of those say they can still access systems at all previous employers. 
  • More than 16% of respondents say their organization does not have a policy that ensures ex-contractors can no longer access corporate systems, or they are not aware of one.  

Cloud Security - 2014

  • 80% of survey respondents choose to keep their sensitive data on their organization's network, rather than the cloud.
  • 33% of those surveyed said the thought of government snooping deters them from keeping data in the cloud.
  • 75% of respondents think that the cloud applications their users download cause security headaches.

Information Security - 2013

  • 73% of respondents would not bet $100 of their own money that their company won't suffer a data breach in the next six months. 
  • 32% work in organizations that do not have a policy to change default passwords when deploying new hardware, applications and network appliances.  
  • 81% think that staff tend to ignore the rules that IT departments put in place.
  • 76% think that employees in their organization have access to information that they don't necessarily need to perform their jobs. 

Information Security - 2012

  • 39 percent of IT staff can get unauthorized access to their organization’s most sensitive information – including the CEO’s data.
  • 68 percent of respondents believe that as an IT professional they have more access to sensitive data than people in other departments.
  • 20 percent of IT professionals have already exploited their privileged access. 
  • 11 percent of respondents would use their access to sensitive data if they were laid off.