The results of the 10th Annual Market Pulse Survey from SailPoint Technologies Holdings, Inc., the leader in enterprise identity governance,
expose an alarming trend: despite an increased focus on cybersecurity
awareness in the workplace, employees' poor cybersecurity habits are
getting worse, compounded by the speed and complexity of the digital
transformation. Of the 1,600 global employees surveyed, 75% of
respondents admitted to reusing passwords across accounts, including
work and personal, compared to 56% who admitted to doing so in 2014,
when SailPoint first posed the question.
Organizations
are at varying stages of the digital transformation, and that evolution
has presented an increasingly complex IT environment to manage
securely. Yet this years' Market Pulse Survey findings points to a
workforce who are less committed to security best practices. This has
not only introduced more risk, but also a sense of frustration between
the IT team trying to secure and enable the business and users who want
to work more efficiently. Over half (55%) of survey respondents stated
their IT department can be a source of inconvenience in their
organization. This leads to employees skirting IT policies, such as the
31% who admitted that they have deployed software without IT's help
(i.e. ‘Shadow IT').
Efforts
to get around IT may not necessarily be done with malicious intent, but
the reality is they directly increase IT risk for the organization. For
example, 13% of employees admitted they would not immediately notify
their IT department if they thought they had been hacked. Further
compounding this issue is a workforce that tends not to understand the
role of all employees in keeping an organization secure, as 49% of
respondents would actually blame the IT department for a cyberattack if
one occurred as a result of an employee being hacked.
However,
it's not just today's employees exposing organizations to risk. As the
digital transformation blurs the traditional security perimeter with
cloud apps, it is also redefining the definition of a "user."
Enterprises are increasingly adopting software bots powered by robotic
process automation (RPA), and granting them access to mission-critical
applications and data, like their human counterparts. Nearly half (48%)
of respondents are currently using or planning to use chatbots and
artificial intelligence personal assistants, with more than one tenth
(13%) already using these in their organization to increase their work
efficiency.
"To
secure and enable today's modern workforce, the users have become the
new ‘security perimeter' and their digital identities are the common
link across an organization's IT ecosystem at every stage of its digital
transformation," said Juliette Rizkallah, CMO, SailPoint. "By taking an
identity-centric approach to security, IT can gain full visibility and
control into which applications and data that users, including both
human and non-human bots, are accessing to do their jobs. This approach
allows enterprises of all sizes to confidently address the tension
between enablement and security exposed in our Market Pulse Survey."