Privileged Insiders Remain the Top Data Threat

Perhaps given the repeated breaches that arise from escalated privileges for insiders, Ponemon Institute has found that 72% of surveyed organizations are not confident in their ability to manage and control employee access to confidential documents and files.

“What should be concerning to C-level executives and corporate boards is that most organizations have no idea where mission-critical information is located on the corporate network, who has access and what they are doing with that information,” said Bill Blake, president of Fasoo, which sponsored the report. “Deploying DRM solutions is a first step. Beyond that, organizations must be vigilant in applying and enforcing security policies as well as knowing where the organization’s most valuable information is located at all times.”

The Ponemon Institute surveyed 637 U.S. IT security practitioners familiar with their organization’s approach to protecting data, documents and files against cyberattacks. All organizations surveyed use some type of document and file-level security tools. It defined high-value information as including trade secrets, new product designs, merger and acquisition activity, financial data, confidential business information and so on.

The report found that company insiders are the biggest threat. The primary cause of data breaches experienced by companies was the careless employee (56%), followed by the lost or stolen devices (37%). Half of all respondents said their organization is highly effective in preventing leakage by external attackers and hackers, yet less than half are as confident in preventing data leakage by careless employees. 

About 73% responded that it was likely their organization had lost some confidential information over the past 12 months.

Some departments are higher-risk than others. Sales departments for instance pose the greatest risk to information assets, both structured (69%) and unstructured data (58%). C-level executives and human resources (79%) meanwhile account for more than half of unstructured data risk, while human resources and finance and accounting (71%) pose more risk with structured data.

One of the biggest issues seems to be in setting policies and enforcing them. A full 83% of organizations struggle with determining the appropriate level of confidentiality documents and files an organization should possess.  Determination is based on data type, policies or data usage, but only 13% use access as the determining factor, while only 16% are using a content management system. Even if the organization has properly identified confidentiality, only 15% of respondents are confident that they are highly effective in limiting access.

“There is a belief that data breaches are the work of malicious actors, internal and external, but it is more often the result of careless behavior by employees who don’t understand the impact of sharing files. The findings in this study should serve as a wake-up call for all organizations determined to protect high value information,” said Larry Ponemon, president, Ponemon Institute. “Better security hygiene, including education and consequences for risky behavior, should include every employee with access to information in addition to the organization locking down proprietary data, intellectual property and confidential information that shouldn’t be accessed by everyone.”

Photo © LeoWolfert

What’s Hot on Infosecurity Magazine?