Biggest data loss concerns due to inadvertent and malicious acts
While the majority of security threats still exist outside an organisation, a study by networking giant Cisco shows that the insider threat whether it's accidental or malicious, continues to represent a significant challenge to IT security procedures.
Conducted by market research firm InsightExpress, the study assessed the implications of data leakage as businesses become more collaborative, mobile and distributed. The sample is drawn from surveys of more than 2,000 employees and IT professionals in 10 countries: the US, the UK, France, Germany, Italy, Japan, China, India, Australia, and Brazil.
Its key findings include:
- Most IT professionals quizzed believe employees posed ‘a more serious threat to data security than outsiders’: 39 per cent)perceive negligence among employees as the main reason, and one in five pointed to disgruntled workers as data security risks.
- 33 per cent of respondents said portable hard drive devices are their top concern for how data is leaked - more than email (25 per cent), lost or stolen devices (19 per cent), and verbal communication with non-employees (8 per cent).
- About 10 per cent employees lost or had a corporate device stolen in the year leading up to the study, creating a data loss incident for themselves and their companies.
- 11 per cent admitted stealing data or corporate devices, selling them for a profit, or knowing fellow employees who did. This finding was most prevalent in the French sample, where 21 per cent of employees admitted knowledge of this behaviour.
Some employees admitted keeping their corporate devices and information after leaving their jobs, and their reasons varied from personal to vindictive: 'I needed the device for personal use', 'I wanted to get back at my company', and 'The company won't find out', were some of the comments made.