Data breach debate – how responsible are employees really?

Data breaches have very quickly climbed the infosec agenda. Here at the GFI Blog we also covered both the data breach threat posed by employees, and unearthed the murky area of IT malfeasance.

Now a new report says the insider problem is far worse than we had previously imagined. The Verizon Data Breach investigations report claims that 14% of breaches are due to insiders and that’s not counting the further 12% of breaches that come from IT itself. On the other hand, CompTIA, an association representing the interests of IT resellers and managed service providers, has a far different point of view. It says more than half of all breaches – some 52% – are due to human error or malice, and the rest arise from technology mistakes.

Why the massive discrepancy between Verizon and CompTIA? One reason might be that Verizon is more focused on breaches by employees with intent, not by accident or stupidity. Verizon does account, at least in part, for accidents and negligence, such as when a USB device or company laptop holding vital information is lost or stolen. CompTIA, on the other hand, says many shops spend more time on technical security solutions, and not enough on the human factor, with CompTIA stating that “the main reason that companies exhibit a low level of concern over human error is that it is a problem without an obvious solution.”

Research from the SANS Institute reaches the same conclusion – employee negligence is a huge source of data breaches. Social engineering is one such element, so this once again shows the importance of training your employees in basic IT security. Resigning yourself to the fact that the human error factor is a problem with no solution is neglectful, especially when it accounts for such a high percentage of breaches. Ultimately, your employees are the strongest security layer. Of course, it is as important to make sure all updates and patches are installed, firewalls are turned on, and anti-malware is up to date.

I recently covered the insider threat in a blog for Network World where I focused on the malicious intent of employees as stated by the Verizon report. It transpired that there are two main reasons insiders choose to cause so much trouble;

1)      They are looking for financial gain, perhaps via selling confidential data.
2)      Or it’s an act of revenge by disgruntled workers or angry ex-employees who still have network privileges.

As CompTIA said, technical solutions are not enough. IT vigilance is always necessary as too many shops don’t even know there is an insider threat. Business owners need to consider adding tools that can spot and stop data leakage amongst other breaches. Email security too is a top measure to take as many breaches and leaks come through or from the employee’s inbox.

Here at GFI we specialize in providing solutions that prevent insider data breaches. Get in touch with us to learn more about how you can protect your network and keep your data safe or have a look at the video below to learn more about GFI EndPointSecurity.