Study: Employees are most significant Threat

McAfee & SAIC

Study: Employees are most significant Threat
A McAfee and SAIC study reveals that: “The most significant threat reported by organizations when protecting their sensitive information was data leaked accidentally orintentionally by employees. Employees’ adherence (or lack thereof) to security procedures is considered to be the greatest challenge to organizations’ information security. This ranked higher than other challenges, including multiple systems within the organization or the insecurity of supply chain partner systems. Policies clearly have not stemmed the data leak, forcing the hand of corporations to choose robust and innovative technical solutions to reinforce their guidelines.”

The study also concludes that “in the past, cybercriminals targeted personal information such as credit cards and social security numbers, which were then sold on the black market. Now, these criminals understand that there is much greater value in selling a company’s proprietary information to competitors and foreign governments. For example, a company’s legal documents can fetch far more money than a list of customer credit cards.” This strengthens a Forrester Research finding, stating that: [...] proprietary knowledge and company secrets are twice as valuable as custodial data which refers to payment card information, and customer and medical data: “Secrets comprise two-thirds of the value of firms’ information portfolios. Despite the increasing mandates enterprises face, custodial data assets aren’t the most valuable assets in enterprise information portfolios. Proprietary knowledge and company secrets, by contrast, are twice as valuable as the custodial data. And as recent company attacks illustrate, secrets are targets for theft.”

More than 1,000 senior IT decision makers took part in this survey. Their input leads to another remarkable the finding: “around a quarter of organizations have had a merger and acquisition or a new product/solution rollout stopped or slowed by a data breach, or the credible threat of a data breach.”

Share article:
  • Facebook
  • LinkedIn
  • RSS
  • Twitter


You must login in order to reply.

Panel's Jotter

Editor Intelink says:(2012-10-02 10:49:19)

“Een kwaliteitsslag voor school, student en stagebedrijf” Het herkennen en correct behandelen van bedrijfsvertrouwelijke informatie. Het programma speelt tevens doeltreffend in op de sterk toenemende behoefte aan Social Media Integriteit van stag...

On: Stagevoorbereiding voor MBO en HBO: Bewustwording Bedrijfsgeheimen & Social Media Integriteit
Danny Lieberman says:(2011-05-09 13:35:04)

As one of the pioneers in DLP - data loss prevention and an active thought leader in the field since 2003 - it is typical for people who discover that the emperor is naked to take knee jerk reactions. IT and HR procedures are part of a set of data...

On: WikiLeaks legt menselijke factor bloot (EN)
Rachel McShelley says:(2011-03-31 10:01:15)

Blijft helaas onduidelijk waarom BitDefender dit opvallend en vooral ook een beveiligingsrisico vindt.

On: Facebook: 42% onbekende online vrienden
View all replies»

Join us on:

  • Facebook
  • LinkedIn
  • RSS
  • Twitter


Join our Research Panel!
Sign up for: Study into Information Leakage in the Netherlands 2010


News and analyses on Human Factors & Awareness

Upcoming events

No events