IT admins pose the biggest security risk to organizations, according to a global survey of security professionals from endpoint security software company Avecto.

Avecto surveyed 247 IT and security professionals in the US, UK, and EMEA for their views on the state of security within their respective organizations.

Collectively, respondents found that IT admins posed the most risk (22%), while disgruntled workers (20%) and C-level executives (18%) took the next two positions.

However, IT professionals in the US named disgruntled workers (24%) as posing the biggest threat to company security, while respondents from the UK considered the C-suite (26%) as the cause for the most concern.

Mark Austin, co-founder and co-CEO at Avecto said: “The range of workers identified – from chief execs to IT admins – shows the breadth and depth of risk every organization has to deal with when it comes to security. The geographical differences here are also interesting, with Snowdon’s impact in the US perhaps more keenly felt there than elsewhere in the world.”

When it comes to board engagement with security, 34% of respondents claimed that security is a concern but not a priority, while less than two-thirds of respondents believe security is a top concern among the leadership within their organisations.

Offering the most disparity between regions, the trade-off between security and freedom was a hot topic among IT and security professionals. EMEA saw a nearly even split between security and freedom, with 56% believing security should come first, with 44% prioritising productivity.

Conversely, both US and UK respondents place more value in security (84% and 77% respectively), while only 16% of US and 23% of UK professionals see user productivity as more important.

Mark continued: “Getting the right balance between security and freedom has been an ongoing problem, as vendors have tried to create products that don’t interfere with ‘business-as-usual’. Global organizations will need to address this divergence to align values and strategy around best security practices, solutions, user productivity and freedom.”