Over 90% of IT teams feel pressure to compromise security

Organizations have forced IT teams into compromising security for business continuity, according to new research.

Seventy-six percent of IT teams admit security took a backseat to business continuity during the pandemic, according to HP Wolf Security’s new study, titled “Rebellions & Rejections Report.” The same percentage felt they’re in a no-win situation where they’re being told to lock down security while being pressured to create shortcuts to enable innovation. Nearly all IT teams (91%) felt pressured to compromise security if it benefitted business continuity, including 50% who described the pressure as “significant.”

The survey questioned adults in the US, UK, Mexico, Germany, Australia, Canada, and Japan who used to be office workers, and worked from home the same amount or more than before the pandemic. It also found 48% of office workers aged 18 to 24 years old viewed security tools as a hindrance, leading to 31% trying to bypass corporate security policies to get their work done.

Nearly half (48%) of office workers surveyed agreed that seemingly essential security measures result in a lot of wasted time – this rises to 64% among those aged 18 to 24 years old. Over half (54%) of 18- to 24-year-olds were more worried about meeting deadlines than exposing their organization to a data breach; 39% were unsure what their security policies say or didn’t know if they existed.

The report suggested an overall growth of apathy among younger workers.

The report found that because of this, 83% of IT teams believe the increase in home workers has created a “ticking time bomb” for a corporate network breach.

When asked about the type and significance of threats that businesses now face, 84% of IT teams saw ransomware as a significant or very significant risk. Other threats posed included unpatched vulnerabilities and firmware attacks on laptops (83%), data leakage (82%), account/device takeover (81%), targeted attacks and man-in-the-middle attacks (79%), internet of things (IoT) threats (77%), and printer firmware attacks (76%).

“CISOs are dealing with increasing volume, velocity and severity of attacks,” said Joanna Burkey, CISO at HP Inc. “Their teams are having to work around the clock to keep the business safe, while facilitating mass digital transformation with reduced visibility. Cybersecurity teams should no longer be burdened with the weight of securing the business solely on their shoulders, cybersecurity is an end-to-end discipline in which everyone needs to engage.”