The expert company Rostelecom-Solar presented the results of a study, from which it became known that 40% of employees in Russia share corporate passwords with colleagues and friends. Approximately 30% of employees use weak passwords, and more than 22% do not store them properly. These violations lead to frequent information leaks and incorrect operation of companies' systems.
Igor Bederov, head of the department of information and analytical research at T.Hunter, says that employees of organizations use simple passwords instead of passwords generated by the manager. Rough handling of codes is a trend in all Russian companies, says Dmitry Bondar, director of the Solar inRights Access Control Competence Center at Rostelecom-Solar. According to him, organizations' reputational and financial damage is caused by irresponsibility and ignorance of the basics of information security of employees.
Almost three quarters of domestic business registers precedents of violations in security systems. For this reason, data is stolen from more than half of the companies in the country. 40% of organizations have 3 such violations per year, 32% - more than 5 per year, 30% - no more than 2. There are no companies in Russia that do not encounter violations.
Vulnerabilities in information security systems lead to data leakage and problems with the functioning of services and infrastructure of organizations. However, a big problem for security is not the negligence of company employees, but hackers who conduct phishing, BEC and supply chain attacks, as well as use social engineering, says Sergey Zolotukhin, senior trainer of computer forensics at Group-IB. Unlike deliberate attacks on the infrastructure of companies, internal leaks are more often accidental.
Zolotukhin notes that in order to improve security when handling data, it is necessary to train personnel in this. Half of Russian companies do not block access to their own systems for retired employees. This feature is common even in banking organizations and IT companies.
According to the research company Positive Technologies, Russian organizations have begun to pay more money to cybercriminals who block access to information. In 2021, more than a third of companies were hacked, and 16% paid a ransom to scammers, when no organization in Russia did this in 2019.
Analytical company DLBI reported an increase in the cost of breaking through information about Russians in the banking sector four times. In other companies, the price for this service has doubled. Experts attribute the increase in cost to the strengthening of banking security systems.
bbabo.Net