A new survey of IT professionals suggests that external hackers have very little to do with corporate data leaks.
The survey, which was commissioned by IT software and services provider Compuware, found that data breaches at companies are caused by staff in 75% of cases, compared to just 1% by outside hackers. Overall, 79% of US companies suffered at least one data breach last year.
“Enterprises must recognise that simply trusting employees will inevitably prove detrimental to their security, their risk postures and their business interests,” wrote Perry Carpenter, a research director at Gartner.
“A mixture of tried-and-true security practices, security awareness, and low and high-tech toolsets will provide the most effective and comprehensive defence against the insider threat.”
Overall, 41% of breaches occurred on mainframes, which raised serious concerns since 80% of the world’s data is stored on such systems.
The survey interviewed 3,596 IT professionals in the US, UK, France and Germany each with an average of nearly nine years’ experience.
The US led in the incidence of data breaches, followed by France at 63% and the UK at 55%. Only 39% of German companies suffered breaches last year.
Hacking was slightly more prevalent in the UK, accounting for 3% of breaches compared to 37% by malicious insiders and 63% by negligent insiders. Interestingly, 25% came from outsourcing suppliers.
The survey also highlighted a distinct lack of accountability for breaches within companies.
Over half of those questioned said that no single person was held to account over breaches, and that the chief information officer took the blame in just 25% of cases.
Subscribers 0
Fans 0
Followers 0
Followers