BreachExchange mailing list archives

Previous By Date Next
Previous By Thread Next

Report indicates insider threats leading cause of data breaches in last 12 months

From: Lee J <lee () riskbasedsecurity com>
Date: Thu, 10 Oct 2013 09:37:36 +1100
http://www.networkworld.com/news/2013/100813-report-indicates-insider-threats-leading-274649.html<http://www.networkworld.com/news/2013/100813-report-indicates-insider-threats-leading-274649.html?source=nww_rss>

CSO - While threats to data security and privacy are often perceived to
come from the outside, all signs point to internal threats being just as
dangerous, intentional or not.

Forrester recently released its Understand the State of Data Security and
Privacy report, which offered insight on the reasons behind data breaches,
with internal threats emerging as the leading cause. The survey -- which
featured respondents from Canada, France, Germany, the UK, and the US from
SMB and enterprise companies with two or more employees -- also covered
other topics, including how security budgets are being allocated and the
changing landscape of security teams' responsibilities.

According to Forrester's research, insiders take the cake as the top source
of breaches in the last 12 months, with 36 percent of breaches stemming
from inadvertent misuse of data by employees. Obviously, the issue here is
ignorance; the study's numbers indicate that only 42 percent of the North
American and European SMB workforce surveyed had received training on how
to remain secure at work, while only 57 percent say that they're even aware
of their organization's current security policies.

"People don't know what they don't know," said Heidi Shey, a Forrester
analyst and the author of the report. "You've got to give them some kind of
guidance and guard rails to work with."

[...]

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

# OWASP http://www.appsecusa.org
# Builders, Breakers and Defenders
# Time Square, NYC 20-21 Nov
o()xxxx[{::::::::::::::::::::::::::::::::::::::::>

Risk Based Security (http://www.riskbasedsecurity.com/)
Risk Based Security offers security intelligence, risk management services and customized security solutions. The 
YourCISO portal gives decision makers access to tools for evaluating their security posture and prioritizing risk 
mitigation strategies. Cyber Risk Analytics offers actionable threat information and breach analysis.
Previous By Date Next
Previous By Thread Next

Current thread: