Is Workplace Culture the Greatest Barrier to Corporate Security in The U.S.?

centrify_cakeThe average American workplace hears more about happy hours and birthdays than IT security, according to identity management provider Centrify.

Today, Centrify announced additional findings from its recent State of the Corporate Security Perimeter Survey, which questioned over 400 U.S. and UK IT decision makers (ITDMs) in order to find out if corporations are as secure as they need to be.

Part one of the survey revealed dangerous gaps in protocols related to identity management while part two spotlights some of the cultural realities businesses must consider in their approach to securing assets.

Centrify’s findings highlight an all-too-familiar problem for security pros: a lack of cultural awareness around security needs in U.S. businesses.

Priviledged Identity Management - Three Reasons

Complementary Whitepaper: Protecting Privileged Accounts from Abuse

  • Identify the advantages and risks of High-Privilege Access
  • Assure security compliance
  •  Learn to better manage privileged identities

According to Centrify, 24 percent of U.S. respondents hear more about office happy hours than they do about security.

22 percent hear more about birthdays, and 18 percent hear more about kitchen etiquette.

Now it’s natural for people to talk about fun stuff like happy hours and birthdays, but kitchen etiquette? Really?

To me, that stat epitomizes the lack of security culture in the U.S (that, and a lack of making fresh coffee when you finish the pot).

Even more frustrating than that, 48 percent of US ITDMs said that they had to fight their organization for stricter security protocols, according to the report.

This struggle comes despite Centrify’s findings that 59 percent of US ITDMs said their organization was breached in the past.

42 percent of US ITDMs have lost the fight for stricter protocols, according to Centrify.

“The real enemy here is lack of concern,” said Bill Mann, Centrify chief product officer in a statement released today. The technology for better security exists but the will to implement such solutions is lacking. Many companies never realize that their security is lacking until their name is “splashed across the headlines” following a breach, says Mann. “Even if a company is not famous, one data leak can bring an entire business to a permanent halt.”

Jeff Edwards
Follow Jeff