When a company gets hacked, it’s easy for the public to picture a heist of James Bond-esque proportions. In reality, a new report suggests most corporate data leaks are nowhere near that exciting.
The study involved 7,000 IT professionals and employees from across North America and Europe. Participants were asked why data breaches had occurred. 31% of respondents said data leaks were caused by “simple loss or theft” while 27% claimed it was “inadvertent misuse by an employee.”
In other words, most data leaks are caused by people within the company instead of external hacking attacks. Making matters worse is the fact that many of these data leaks are caused unintentionally by employees, with only a few data leaks occurring as a result of employees consciously stealing employer information.
With that in mind, smart companies might want to focus their efforts on training and investigating employees as opposed to investing in top-of-the-line PC security programs. Today, it takes a concentrated attack by a knowledge hacker – or team of hackers – to pierce through the external defenses of a corporate network. In most cases, the hacker works to find a single weak link, like the computer of an unsuspecting employee, before using that weak link to gain access to the rest of the network.
The study also suggested that mobile devices are a leading cause of data theft. Employees who want to steal data can easily and surreptitiously do so on their smartphones. Interestingly enough, the “consumerisation of IT” was also cited as a factor which reduced the security of companies around the world.
The study was carried out by a firm called Forrester Research.