Categories: Cybersecurity

State of Insider Data Breaches in 2020

Organizations protect critical assets and sensitive information from the outside world by continually updating their security controls and policies. However, the origin of a breach is not always outside of the organization, and recently, insider breaches have gained attention amid an increase in the flexibility of tools for information sharing.

Insider threats can be accidental or intentional, but the impact of insider breaches remain the same. Negligence at the organization regarding data privacy requirements and compliance can cause catastrophic data loss. To implement effective mitigation measures, employees must be aware of their responsibility towards the usage and sharing of data. With recent changes in data protection and privacy laws, various companies have seen a significant impact on their current security practices and controls.

Insider data threats are increasing more than ever before, and these threats are a major concern when it comes to risk management for companies. The Egress 2020 Insider Data Breach Survey identifies the challenges from the viewpoint of IT leaders and compares them with the perspective of employees regarding data protection and their responsibility.

In the previous year’s report, IT leaders showed rising concerns for the risk of insider data breaches. However, employees denied that they have caused such violations. This indicates that there is a gap between employees and IT leaders in the ways that they perceive responsibility and ownership of the company’s data. The report for 2020 inspects the development of the effective mitigating approaches that companies have taken to manage insider breach risk. Another difference of this year’s report is the broader perspective on these breaches based on different regions along with the evolved questionnaire.

Survey Key Findings from the Insider Data Breach Survey

In this survey, 97% of IT leaders acknowledged the concerns regarding the insider breach risk for their organization. This indicates rising concerns in organizations, as this number increased by 2% from 2019. According to IT leaders, 78% of employees put data at risk accidentally in the last 12 months, while 71% of employees accepted that they or a colleague had inadvertently shared the organization’s information. On the other hand, 68% of employees agreed that they had not intentionally broken company policy for sharing the data, while 75% of IT leaders believed that employees had deliberately put data at risk.

Insider breaches are mainly caused by sharing data to personal systems, followed by the leaking of data to a competitor and then cybercriminals. One of the widespread reasons behind this information (and common with the employees who might not have bad intentions) is employees taking the data to a new job. Departing employees take information with them when they feel a sense of personal ownership to it.

Source : State of Insider Data Breaches in 2020

Veille-cyber

Share
Published by
Veille-cyber

Recent Posts

Les 7 menaces cyber les plus fréquentes en entreprise

Introduction La cybersécurité est devenue une priorité stratégique pour toutes les entreprises, grandes ou petites.…

2 semaines ago

Cybersécurité : Vers une montée en compétence des établissements de santé grâce aux exercices de crise

Cybersécurité : les établissements de santé renforcent leur défense grâce aux exercices de crise Face…

3 semaines ago

Règlement DORA : implications contractuelles pour les entités financières et les prestataires informatiques

La transformation numérique du secteur financier n'a pas que du bon : elle augmente aussi…

3 semaines ago

L’IA : opportunité ou menace ? Les DSI de la finance s’interrogent

L'IA : opportunité ou menace ? Les DSI de la finance s'interrogent Alors que l'intelligence…

4 semaines ago

Telegram menace de quitter la France : le chiffrement de bout en bout en ligne de mire

Telegram envisage de quitter la France : le chiffrement de bout en bout au cœur…

4 semaines ago

Sécurité des identités : un pilier essentiel pour la conformité au règlement DORA dans le secteur financier

Sécurité des identités : un pilier essentiel pour la conformité au règlement DORA dans le…

4 semaines ago

This website uses cookies.