Ivanti, the tech company that elevates and secures Everywhere Work, today announced the results of its Executive Security Spotlight report as part of Ivanti’s Cybersecurity Status Report Series. Ivanti surveyed over 6,500 executive leaders, cybersecurity professionals and office workers to understand today’s threats and discover how organizations are preparing for yet-unknown future threats.
Top executives — the employee group most targeted by threat actors — are frequently provided unfettered access to valuable data sources and networked assets. While 96% of leaders say they are at least moderately supportive and invested in their organization’s cybersecurity mandate, the reality is that 49% of CXOs have requested to bypass one or more security measures in the past year. Although security leaders are aware that high-access executives present a unique security threat, the research reveals that executive security exceptions and low-risk time-savers lead to outsized organizational risks.
The report identifies several executive cybersecurity habits and behaviors that security professionals need to be aware of:
- One in five leaders have shared their work password with someone outside the company.
- 77% use easy-to-remember password hacks, including birthdates or pet names.
- CXOs are three times more likely to share work devices with unauthorized users, such as friends, families and external freelancers.
- One in three executives admit to accessing unauthorized work files and data, and nearly two in three say that they could have edited those files/data when accessing them.
Moreover, the report highlights a critical issue of trust and communication between executives and the security teams responsible for protecting them. Executives are two times more likely to say their past interactions with security were ‘awkward’ or ‘embarrassing’ when sharing security concerns. This leads to executives being four times more likely to resort to external, unapproved tech support. To address this, the report emphasizes the importance of rebuilding trust and fostering a collaborative relationship between security teams and executives based on honesty and friendly support, rather than being punitive.
“When executives are willing to trade security for usability, they may be underestimating just how lucrative of a target they are for threat actors,” said Daniel Spicer, Chief Security Officer at Ivanti. “As our work environments have become digital-first it’s impossible to eliminate all risk – but we should eliminate unnecessary risk. The continued challenge for security leaders is to obtain organizational buy-in and compliance on cyber mandates – particularly with their peers on the executive team to close human-sized gaps and avoid a double standard being applied to the rest of the workforce.”
The report outlines steps businesses and security professionals can leverage to close the executive conduct gap including conducting audits, prioritizing remediation for the most common risks, conducting gamified security training sessions, and implementing “white glove” security programs.
To learn more about the results of Ivanti’s Executive Security Spotlight report, please visit here.
Ivanti elevates and secures Everywhere Work so that people and organizations can thrive. We make technology work for people, not the other way around. Today’s employees use a wide range of corporate and personal devices to access IT applications and data over multiple networks to stay productive, wherever and however they work. Ivanti is one of the only technology companies that finds, manages and protects each IT asset and endpoint in an organization. Over 40,000 customers, including 88 of the Fortune 100, have chosen Ivanti to help them deliver an excellent digital employee experience and improve IT and security team productivity and efficiency. At Ivanti, we strive to create an environment where all perspectives are heard, respected and valued and are committed to a more sustainable future for our customers, partners, employees and the planet. For more information, visit www.ivanti.com and follow @GoIvanti.