I read a very interesting study by Cryptzone from last year that confirmed something we here at MicroData already knew, yet it’s still amazing to see confirmed. A group of 300 IT security professionals were asked about ‘who respects security the most within their company.”
the respondents reported that the board of directors believe that ‘the rules don’t apply to them’ when it comes to respecting IT security policies and procedures. And 42% believe that the board of directors and senior management are most likely to ‘ignore or flout security policies and procedures.’
What makes this particularly worrisome is that senior management and boards have access to the most sensitive information.
It’s not hard to see where the train wreck can occur. And what kind of example does senior management set for the rest of their organization?