CISOs 'don't understand the risks of shadow IT'
Staff use 1,000 cloud apps without IT's knowledge


Research by Symantec has revealed that CISOs are still not aware of how big their business cloud is, despite the fact a large number of employees are using unsanctioned apps in the workplace.
The security firm revealed that although CISOs estimate one in five workers are using applications that haven't had the go-ahead from the IT department, Symantec's 2017 Internet Security Threat Report revealed employees are actually using up to 1000 applications in their workplace, less than 1% of which have been sanctioned.
This is making it impossible for CISOs to keep track of usage, meaning employees are putting the company's security at risk, often sharing confidential files and folders with applications that don't have the stringent security controls required by the organisation.
Symantec explained that this will cause major problems in the future as stricter controls come into force by regulators, including the EU with GDPR. However, 95% of CISOs said ensuring cloud apps comply with regulations is the most stressful aspect of their job.
“Upcoming regulation such as GDPR is heightening the need for data security, putting more pressure on CISOs and CIOs to control the data flow in their organisation, whether on premise or via cloud applications,” Darren Thomson, vice president and chief technology officer, Symantec said.
“Unless CIOs and CISOs get a tighter grip on all the cloud applications used by their employees, they will be exposing themselves to an increased level of threats and risk being uncompliant with regulations," added Thomson. "Educating employees also plays an important role in raising awareness of the security risks associated with using unsanctioned apps.”
Get the ITPro daily newsletter
Sign up today and you will receive a free copy of our Future Focus 2025 report - the leading guidance on AI, cybersecurity and other IT challenges as per 700+ senior executives

Clare is the founder of Blue Cactus Digital, a digital marketing company that helps ethical and sustainability-focused businesses grow their customer base.
Prior to becoming a marketer, Clare was a journalist, working at a range of mobile device-focused outlets including Know Your Mobile before moving into freelance life.
As a freelance writer, she drew on her expertise in mobility to write features and guides for ITPro, as well as regularly writing news stories on a wide range of topics.
-
Why are many men in tech blind to the gender divide?
In-depth From bias to better recognition, male allies in tech must challenge the status quo to advance gender equality
By Keri Allan
-
BenQ PD3226G monitor review
Reviews This 32-inch monitor aims to provide the best of all possible worlds – 4K resolution, 144Hz refresh rate and pro-class color accuracy – and it mostly succeeds
By Sasha Muller