The Register is one of my favorite IT new sites. After all, what’s not to love about a site whose motto was once, “Integrity? We’ve heard of it.”

They also publish stories with gems like these:

Workers across Europe are continuing to place their own companies at risk from information security attacks. This ‘threat from within’ is undermining the investments organisations make to defend against security threats, according to a study by security firm McAfee.

…

Based on its survey, McAfee has identified four types of employees who put their workplace at risk:

• The Security Softie – This group comprises the vast majority of employees. They have a very limited knowledge of security and put their business at risk through using their work computer at home or letting family members surf the internet on their work PC.
• The Gadget Geek – Those that come to work armed with a variety of devices/gadgets, all of which get plugged into their PC.
• The Squatter – Those who use the company IT resources in ways they shouldn’t (i.e. by storing content or playing games).
• The Saboteur – A very small minority of employees. This group will maliciously hack into areas of the IT system to which they shouldn’t have access or infect the network purposely from within

Personally, I suspect the only people in a modern enterprise who aren’t on this list are the ones with no computer access. Other than some of the people in manufacturing environments, I’m not sure who that would be, though. I can’t even think of anyone on the security team here who isn’t either a Gadget Geek or a Squatter. I’m a squatter, myself. Diablo II is much better than DVD’s to kill time on intercontinental flights so long as there’s some sort of power outlet.

So my congratulations to McAfee. They’ve managed to come up with a study in which every single employee is a risk. Now do something useful and help me determine which ones are the risks I can’t accept.