The Human face of Information Risk

Information Risk and Human Resources

The last in our series of 5 mini blogs on the results of our recent survey into employee behaviour and how it relates to Information Risk. Does industry sector make a difference?

What sector does your organisation operate in? Are your employees more or less likely to want to act maliciously to damage your organisation? A nationwide survey into employee behaviour found, amongst other things, that there is quite a difference in what employees are prepared to do depending on the industry they work in.

Sector	Would	Has	Why (top reason)	How (most responses)
Marketing	82%	12%	Missing promotion	Gossip or divisive speech
Construction	78%	13%	Missing promotion or low pay	Info to rivals
Transport & Distribution	75%	4%	Lack of respect	Steal data
Hospitality	73%	14%	Lack of respect	Info to rivals
Industry	70%	24%	Missing promotion or low pay	Info to rivals
Media & Publishing	69%	14%	Lack of respect or low pay	Other
Design	66%	11%	Low pay	Not clear
Property	66%	12%	Low pay	Info to rivals
Environmental Services	64%	8%	Missing promotion	Divisive speech
Health	62%	2%	Lack of respect	Other
Travel & Tourism	62%	5%	Lack of respect or missing promotion	Other
Telecoms	55%	3%	Lack of respect	Delete or move info
Gov. & Public Service	53%	3%	Low pay	Delete or move info & other
Computing & Electronics	52%	11%	Low pay	Other
Entertainment	50%	/	Missing promotion	Other
Legal	50%	/	Lack of respect	Delete or move info
Voluntary Sector	48%	/	Lack of respect or missing promotion	Other
Finance	48%	3%	Lack of respect	Delete or move info
Retail	48%	/	Lack of respect	Other
Utilities	48%	/	Missing promotion or low pay	Divisive speech
Agriculture	40%	/	/	/
Culture & Sport	39%	/	/	Delete or move info
Education	30%	/	Low pay	Other
Other	56%	2%	/	/

The vast majority of the sectors surveyed follow the pattern of having over half of their workforce willing to sabotage their employer. Even those industries where Information Risk Management is a high priority, like Government and Finance, have a significant issue.

The massive 24% of people from Heavy Industry who admitted to already having compromised their company is worthy of note. Their reasons were poor pay or missing promotion, and they would do that by sending information to rivals. The impact this action could have on this sector are varied; from short term loss of sales and longer term degradation of competiveness.

Those employed in Education get the gold star in comparison to others, but even 30% of these people would choose to harm their employer’s business.

To find out more about the human factor of Information Security come along to Ascentor’s seminar. Simon Moore from the CBI and Gordon Morrison from Intellect, together with Ascentor’s MD, Dave James will be discussing the results and how to protect your company’s information. The Human Face of Information Risk – The Bristol Hotel – Thursday, 6th September 2012 .

Cookie	Type	Duration	Description
nf_wp_session	session	1 hour	Enables to website forms to function as intended
viewed_cookie_policy	session	1 hour	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Type	Duration	Description
__stid	persistent	1 year	The cookie is set by ShareThis. The cookie is used for site analytics to determine the pages visited, the amount of time spent, etc.
_ga	session	2 years	This cookie is installed by Google Analytics. The cookie is used to calculate visitor, session, camapign data and keep track of site usage for the site's analytics report. The cookies store information anonymously and assigns a randoly generated number to identify unique visitors.
_gat	session	1 minute	This cookies is installed by Google Universal Analytics to throttle the request rate to limit the colllection of data on high traffic sites.
_gid	session	1 day	This cookie is installed by Google Analytics. The cookie is used to store information of how visitors use a website and helps in creating an analytics report of how the wbsite is doing. The data collected including the number visitors, the source where they have come from, and the pages viisted in an anonymous form.
gwcc	session	2 months	This cookie allows Google to track any call conversions on mobile devices. For example if a customer is clicking a phone number on the contact us page to dial from their mobile device

Cookie	Type	Duration	Description
_otpe	session	30 minutes	Opentracker tracking – this cookie is used to store the previous event before landing on the current page
_ots	session	30 minutes	Opentracker tracking – this cookie is used to determine new sessions/visits
_otui	persistent	4 years	Opentracker tracking – this cookie is used to distinguish users and sessions.

Get your Cyber Essentials Certification with support from the experts.

Discover where your main business risks lie with our free information risk assessment

Receive Ascentor’s Designing and Delivering a Cyber Security Programme White Paper

Information Risk and Human Resources

You may also be interested in:

Ascentor

Get your Cyber Essentials Certification with support from the experts.

Discover where your main business risks lie with our free information risk assessment

Receive Ascentor’s Designing and Delivering a Cyber Security Programme White Paper

You may also be interested in:

Building business resilience - through Information Security, Business Continuity and Disaster Recovery

Ascentor’s cyber security review of 2020

Cyber security myths putting SMEs at risk

Contact us

We value your privacy