The Leading News & Information Service For The Facilities, Workplace & Built Environment Community

Malicious Intent Is Biggest Threat to Personal Data

Jon Fielding
Apricorn is a provider of encrypted and secured external drives.
26 April 2019 | Updated 30 April 2019

A social media poll has found that sixty-five per cent of respondents believe that humans pose the biggest threat to their personal data rather than cyber criminals.

So, against the backdrop of a complex and growing cyber threat landscape, organisations are waking up to the fact that one of the biggest chinks in their armour against a data security breach is humans. In fact, fifty-two per cent of respondents believe that people with malicious intent present the biggest danger, whilst thirteen per cent believe that unintentional human error is also a risk.

In stark comparison, just thirty-five per cent of those polled see technology as a threat to personal data.


Policy breaches

Worse still, twenty per cent admitted they have breached corporate policies around data protection, with a further thirty-four per cent admitting they don’t even know of a policy within their organisation. Not only does this highlight the frequency and willingness of employees to breach corporate policy, it also demonstrates the lack of awareness and education around corporate data security.

Jon Fielding, EMEA MD for Apricorn which commissioned the survey, said: “The findings of our poll show that businesses have good reason to be concerned about employees contributing to cyber-security risks. Whether staff are making unintentional user errors or compromising data with malicious intent, business data and systems are at risk. The most dangerous aspect of insider threats and human error is the fact that the access and activities are coming from trusted users and systems. They can very easily go undetected if organisations are too complacent in their approach to data security.”


Loss and theft

The Apricorn poll also found that over a quarter (27%) of respondents admitted that they had either lost, misplaced or had a device stolen containing sensitive corporate information.

Fielding said: "Organisations should incorporate and enforce information security policies, procedures and, ideally, encryption on all mobile devices, be it laptops, mobiles or other removable media. It’s not enough to simply have an IT security policy in place, staff need to be educated about the policies and the importance of data security, to help mitigate these risks. IT security should also be enforced through technology, such as end point control only accepting corporately approved and encrypted devices for example."



Any data breach has the potential for huge reputational damage and financial losses. With GDPR now in full force, organisations must ensure they monitor how data is processed, stored, retrieved, protected and deleted in order to remedy any shortcomings and ultimately avoid a costly data breach. Organisations need to establish and maintain even basic level security to avoid the associated risks posed by insiders, malicious or otherwise.


Infosecurity Europe

Jon Fielding will be speaking at the upcoming Infosecurity Europe event taking place at Olympia, Hammersmith, London, from 4-6 June 2019.

The Apricorn Twitter poll attracted 12,527 responses. The company is a manufacturer of software-free, 256-bit AES XTS hardware-encrypted USB storage devices.

Picture: Jon Fielding


Article written by Cathryn Ellis | Published 26 April 2019


Related Articles

Most Organisations’ Biggest Security Concern Is Users

What Keeps You Up at Night – The 2019 Report looks at over 350 global organisations' security concerns and reveals people are the biggest perceived...

 Read Full Article
Gangsters' Paradise Leads To Jail Terms For Business Phishing Scam

Gangsters who altered business emails to rip-off more than £1 million have gone to jail. Two members of the Nigerian organised crime group who committed the fraud...

 Read Full Article
Not Wiping Memory Risks GDPR Fines

Thousands of businesses are risking GDPR penalties for not wiping the memory from old IT equipment, it has been claimed. According to a survey carried out by...

 Read Full Article
Raising The Bar – Consent Under The GDPR

Straight from the horse's mouth, Steve Wood, Deputy Information Commissioner, writes for ThisWeekinFM on the topic of 'consent', how to get it and what to do...

 Read Full Article
GDPR - What A Scam

GDPR has gifted scammers with a new hook for sending phishing emails. Many internet users are now receiving emails from organisations that they have online dealings with,...

 Read Full Article
GDPR - No Confidence In Compliance. Mobile Workers Are Biggest Hazard

Most companies are not confident of being fully compliant ahead of the GDPR deadline with the biggest fear being the loss of data on laptops and other mobile...

 Read Full Article
Customer Experience Centre Virtually Open

Panasonic Business has opened the doors to a new Customer Experience Centre in Bracknell, showcasing the company's range of B2B solutions - both physically and...

 Read Full Article
Data Breaches & Financial Risk - 5 Reasons For Cyber Insurance

Despite the rising cost of data breaches, most organisations are unprepared to deal with the financial and reputational repercussions, writes Joe...

 Read Full Article
Is BYOD Creating A GDPR Risk For Your Business?

Does your Bring Your Own Device (BYOD) stance have the potential to create risks relating to data protection or breaches, as a result of staff using a single smartphone...

 Read Full Article
Two Million Fleet Drivers To Revalidate Driving Licence Data Consent

There are over two million drivers who will have to revalidate their driving licence data consent, writes Malcolm Maycock, Chair of the ADLV. Whilst this is a mammoth...

 Read Full Article