Forrester: Most Data Breaches Caused by Employees
Added 25th Sep 2012Most data breaches are caused by mundane events such as employees losing, having stolen or simply unwittingly misusing corporate assets, a Forrester Research report has found.
After questioning over 7,000 IT executives and ordinary employees across North America and Europe, 31 percent cited simple loss or theft as the explanation for data breaches they had experienced, ahead of inadvertent misuse by an employee on 27 percent.
External attack was mentioned in 25 percent of cases with abuse by malicious insiders on 12 percent. The same selection of causes was cited at much lower levels for business partners.
"Whether their actions are intentional or unintentional, insiders cause their fair share of breaches," said the authors. "Other common sources of breach include loss or theft of corporate assets, such as laptops or USB drives, and external attacks that target corporate servers or users."
Predictably, the arrival of mobile devices and the consumerisation of IT hasn't helped matters.
Most organisations formulate policies for securing mobile devices but, paradoxically, lack enough tools to enforce them.
Thirty-nine percent worried about a lack of data leak prevention on mobile devices, with half concerned about the consequences of old-fashioned theft. Thirty percent thought there wasn't sufficient separation between consumer and corporate data on mobile devices.
The commonest form of mobile device security is password entry plus remote lock and wipe with almost a quarter admitting they haven't started using any form of data protection at all.
"It's not simply just a matter of having the appropriate tools and controls in place. It's worth noting that only 56 percent of information workers in North America and Europe say that they are aware of their organisation's current security policies," said the authors.
When data is breached, personal (employee and customer) data accounted for 22 percent of cases reported, with IP not far behind with 19 percent and user credentials such as logins in 11 percent.
Forrester's findings probably confirm a simple maxim that data breaches are often accidental rather than malicious. What it doesn't speculate on is whether internal breaches are necessarily the most serious.
-
Citrix Links Cloud-Based Storage to SharePoint and Azure
ShareFile users are getting more options for where and how to store data.
-
Rapid-Growing Mobile Payments Market is Driving a Financial Fraud Marketplace
The global mobile payments market is predicted to exceed US$1.3 trillion in the coming years, presenting opportunities for cyber crime gangs to exploit, according to a whitepaper published by the Anti-Phishing Working Group (APWG).
-
Act on Technology to Achieve Competitive Advantage
Mobile, social, virtualisation, big data and cloud are well past the point of exploration and are at the point where they can be leveraged for businesses to gain a competitive advantage, according to Accenture's chief technology officer Paul Daugherty.
-
Wal-Mart to Send Automated Shopping Lists to its Mobile App
Wal-Mart plans to use big data about a customer's usual shopping to automatically create shopping lists for them on its mobile app.