The results of the 10th Annual Market Pulse Survey from SailPoint Technologies Holdings, Inc. (NYSE: SAIL), the leader in enterprise identity governance, expose an alarming trend: despite an increased focus on cybersecurity awareness in the workplace, employees’ poor cybersecurity habits are getting worse, compounded by the speed and complexity of the digital transformation. Of the 1,600 global employees surveyed, 75% of respondents admitted to reusing passwords across accounts, including work and personal, compared to 56% who admitted to doing so in 2014, when SailPoint first posed the question.
Organizations are at varying stages of the digital transformation, and that evolution has presented an increasingly complex IT environment to manage securely. Yet this years’ Market Pulse Survey findings points to a workforce who are less committed to security best practices. This has not only introduced more risk, but also a sense of frustration between the IT team trying to secure and enable the business and users who want to work more efficiently. Over half (55%) of survey respondents stated their IT department can be a source of inconvenience in their organization. This leads to employees skirting IT policies, such as the 31% who admitted that they have deployed software without IT’s help (i.e. ‘Shadow IT’).
Efforts to get around IT may not necessarily be done with malicious intent, but the reality is they directly increase IT risk for the organization. For example, 13% of employees admitted they would not immediately notify their IT department if they thought they had been hacked. Further compounding this issue is a workforce that tends not to understand the role of all employees in keeping an organization secure, as 49% of respondents would actually blame the IT department for a cyberattack if one occurred as a result of an employee being hacked.
However, it’s not just today’s employees exposing organizations to risk. As the digital transformation blurs the traditional security perimeter with cloud apps, it is also redefining the definition of a “user.” Enterprises are increasingly adopting software bots powered by robotic process automation (RPA), and granting them access to mission-critical applications and data, like their human counterparts. Nearly half (48%) of respondents are currently using or planning to use chatbots and artificial intelligence personal assistants, with more than one tenth (13%) already using these in their organization to increase their work efficiency.
“To secure and enable today’s modern workforce, the users have become the new ‘security perimeter’ and their digital identities are the common link across an organization’s IT ecosystem at every stage of its digital transformation,” said Juliette Rizkallah, CMO, SailPoint. “By taking an identity-centric approach to security, IT can gain full visibility and control into which applications and data that users, including both human and non-human bots, are accessing to do their jobs. This approach allows enterprises of all sizes to confidently address the tension between enablement and security exposed in our Market Pulse Survey.”