The notorious data leaks by NSA whistleblower Edward Snowden have caused over half of IT security executives to reconsider their approach to user and systems administrator privileges, a survey has revealed.
Despite this, the majority of the 348 decision makers surveyed by Avecto last month said they are not taking action.
While most respondents agreed the incident has heightened concerns around IT admins with excess privileges, 73% admitted their organisations’ privilege management policies remain unchanged.
A third of respondents cited rogue employees as the most important security threat to their organisation, second only to the 40% who said malware.
For organisations that have reduced the number of administrator rights in their IT environment, malware mitigation was the key driver for 33% of them, followed by external compliance (14%), internal compliance (11%) and insider threat (11%).
More than half claimed their system administrators posed a moderate-to-high risk to the network, and only 20% were aware of how many server administrators in their organisation had administrator rights.
Furthermore, 45% admitted experiencing server outages due to configuration errors by server administrators.
“Media attention around the NSA's high-profile breach has created a significant turning point in how organisations think about security, with the IT function now increasingly aware of how attacks can stem from users and system admins with excess privileges,” said Mark Austin, CEO at Avecto.
“But awareness alone is not enough for network protection. Closing the disparity between those who realise the risks and those who are actively mitigating them is essential if organisations are to effectively defend against cybercrime, especially in today’s advanced threat landscape.”