Frequent Data Breach Causes

Most people picture hacker groups, state-of-art computer technology, and sophisticated cyber attacks behind a data breach. However, we should not forget the other side of the coin, i.e. data and information breach caused by employees themselves, the so-called internal security threat.  According to the 2013 Symantec and Ponemon Institute research study, the human factor and security system failure represent the most frequent cause of a data breach.

The primary and probably the most acute inner threat problem is the employees’ conduct. Despite big corporations’ frequent efforts to raise awareness and educate their employees in the field of sensitive data processing and security (especially in heavily regulated sectors, such as health care and banking), we continue to see a reckless conduct in the sensitive data treatment. It particularly involves unsafe data storage, data transfer via unsecure channels, data transfer to unauthorized persons, as well as a deliberate data breach at the organization’s expense.

Companies also deal with an incorrect security system setup, namely insufficient classified data system checks which, along with the human error factor, present an immense security risk. The most frequent cases include companies that fail to secure sufficiently classified data during their transfer, whether within the company or with regard to third parties. It is surprising how many companies still send classified data, such as personal data, financial data, contracts, etc., via email, public storage sites, mailed flash drives, etc.

We can even come across companies that intentionally bypass government security regulations (e.g. due to their cost), and by doing so risk a sensitive data breach.

To prevent a data breach within and outside companies, the above-mentioned study concludes with the following recommendations :

  • to educate employees about the classified information treatment
  • to use data loss prevention technologies that will assist in defining sensitive data and protect it from being leaked outside the organization
  • to employ encryption and strong authentication solutions
  • to prepare an incident response plan, including corresponding steps for informing the clients.