CISOs 'don't understand the risks of shadow IT'
Staff use 1,000 cloud apps without IT's knowledge


Research by Symantec has revealed that CISOs are still not aware of how big their business cloud is, despite the fact a large number of employees are using unsanctioned apps in the workplace.
The security firm revealed that although CISOs estimate one in five workers are using applications that haven't had the go-ahead from the IT department, Symantec's 2017 Internet Security Threat Report revealed employees are actually using up to 1000 applications in their workplace, less than 1% of which have been sanctioned.
This is making it impossible for CISOs to keep track of usage, meaning employees are putting the company's security at risk, often sharing confidential files and folders with applications that don't have the stringent security controls required by the organisation.
Symantec explained that this will cause major problems in the future as stricter controls come into force by regulators, including the EU with GDPR. However, 95% of CISOs said ensuring cloud apps comply with regulations is the most stressful aspect of their job.
“Upcoming regulation such as GDPR is heightening the need for data security, putting more pressure on CISOs and CIOs to control the data flow in their organisation, whether on premise or via cloud applications,” Darren Thomson, vice president and chief technology officer, Symantec said.
“Unless CIOs and CISOs get a tighter grip on all the cloud applications used by their employees, they will be exposing themselves to an increased level of threats and risk being uncompliant with regulations," added Thomson. "Educating employees also plays an important role in raising awareness of the security risks associated with using unsanctioned apps.”
Get the ITPro daily newsletter
Sign up today and you will receive a free copy of our Future Focus 2025 report - the leading guidance on AI, cybersecurity and other IT challenges as per 700+ senior executives
Clare is the founder of Blue Cactus Digital, a digital marketing company that helps ethical and sustainability-focused businesses grow their customer base.
Prior to becoming a marketer, Clare was a journalist, working at a range of mobile device-focused outlets including Know Your Mobile before moving into freelance life.
As a freelance writer, she drew on her expertise in mobility to write features and guides for ITPro, as well as regularly writing news stories on a wide range of topics.
-
Security experts issue warning over the rise of 'gray bot' AI web scrapers
News While not malicious, the bots can overwhelm web applications in a way similar to bad actors
By Jane McCallion Published
-
Does speech recognition have a future in business tech?
Once a simple tool for dictation, speech recognition is being revolutionized by AI to improve customer experiences and drive inclusivity in the workforce
By Jonathan Weinberg Published