Of the 40 million people who changed jobs last year alone, 60 percent of them took data with them, according to data backup and loss prevention company Code42. Data they probably didn't own. So it might seem a little self-serving of Code42's annual Data Exposure Report (DER) to say insider threats are the biggest problem a company faces.
But the report, while commissioned by Code42, was run by independent UK-based Sapio Research, which surveyed 1,028 information security leaders and 615 business decision-makers at companies in the US, UK, Germany, Austria, and Switzerland. Some of the responses were surprising, starting with the graphic above. If 65 percent of CEOs and 78 percent of CSOs are clicking links they shouldn't have, what do you think is happening in the cubicles?
The report goes on to mention how company-sanctioned file-sharing and collaboration platforms like Microsoft OneDrive (used by 43 percent of respondents), Google Drive (41 percent), Dropbox (33 percent), Slack (13 percent), iCloud (38 percent), and even WhatsApp (37 percent) are not only popular, but huge holes in data security. Since the apps allow users to move data outside the company, "information security teams lose visibility to data and thus the ability to protect it."
Perhaps the biggest wake-up call is that depending on who you ask, those surveyed said employee actions were responsible for either 50 or 53 percent of any data breach they'd experienced.
Infosec respondents said that external bad guys like cybercriminals account for only about 28 percent of breaches. Business decision-makers in the company were more likely to put hardware failures to blame at 25 percent, but that's still well behind employees and third-parties in the data vulnerability rankings.
Code42 and Sapio also surveyed respondents about whether they'd brought data over to the job from a previous employer. The answer to that was a resounding Yes from an average of 63 percent of them, while 38 percent were also convinced their colleagues had done the same.
Why do they do it? Because even the leaders who were asked about it, about 71 percent of them, said they took data because it represents more than corporate data: "it's my work—and my ideas." Only 1 percent of respondents strongly disagreed with that sentiment.
Other highlights: 89 percent of CSOs said they are "desensitized" to cybersecurity threats because it's all overblown by the media; same for 30 percent of the info security leaders. (Yeah, it's our fault).
It's Surprisingly Easy to Be More Secure Online
Get Our Best Stories!
Sign up for What's New Now to get our top stories delivered to your inbox every morning.
This newsletter may contain advertising, deals, or affiliate links. Subscribing to a newsletter indicates your consent to our Terms of Use and Privacy Policy. You may unsubscribe from the newsletters at any time.
Thanks for signing up!
Your subscription has been confirmed. Keep an eye on your inbox!
Sign up for other newsletters
