The Leading News & Information Service For The Facilities, Workplace & Built Environment Community

Sunday, 15 September

Malicious Intent Is Biggest Threat to Personal Data

Jon Fielding
Apricorn is a provider of encrypted and secured external drives.

A social media poll has found that sixty-five per cent of respondents believe that humans pose the biggest threat to their personal data rather than cyber criminals.

So, against the backdrop of a complex and growing cyber threat landscape, organisations are waking up to the fact that one of the biggest chinks in their armour against a data security breach is humans. In fact, fifty-two per cent of respondents believe that people with malicious intent present the biggest danger, whilst thirteen per cent believe that unintentional human error is also a risk.

In stark comparison, just thirty-five per cent of those polled see technology as a threat to personal data.

 

Policy breaches

Worse still, twenty per cent admitted they have breached corporate policies around data protection, with a further thirty-four per cent admitting they don’t even know of a policy within their organisation. Not only does this highlight the frequency and willingness of employees to breach corporate policy, it also demonstrates the lack of awareness and education around corporate data security.

Jon Fielding, EMEA MD for Apricorn which commissioned the survey, said: “The findings of our poll show that businesses have good reason to be concerned about employees contributing to cyber-security risks. Whether staff are making unintentional user errors or compromising data with malicious intent, business data and systems are at risk. The most dangerous aspect of insider threats and human error is the fact that the access and activities are coming from trusted users and systems. They can very easily go undetected if organisations are too complacent in their approach to data security.”

 

Loss and theft

The Apricorn poll also found that over a quarter (27%) of respondents admitted that they had either lost, misplaced or had a device stolen containing sensitive corporate information.

Fielding said: "Organisations should incorporate and enforce information security policies, procedures and, ideally, encryption on all mobile devices, be it laptops, mobiles or other removable media. It’s not enough to simply have an IT security policy in place, staff need to be educated about the policies and the importance of data security, to help mitigate these risks. IT security should also be enforced through technology, such as end point control only accepting corporately approved and encrypted devices for example."

 

Fines

Any data breach has the potential for huge reputational damage and financial losses. With GDPR now in full force, organisations must ensure they monitor how data is processed, stored, retrieved, protected and deleted in order to remedy any shortcomings and ultimately avoid a costly data breach. Organisations need to establish and maintain even basic level security to avoid the associated risks posed by insiders, malicious or otherwise.

 

Infosecurity Europe

Jon Fielding will be speaking at the upcoming Infosecurity Europe event taking place at Olympia, Hammersmith, London, from 4-6 June 2019.

The Apricorn Twitter poll attracted 12,527 responses. The company is a manufacturer of software-free, 256-bit AES XTS hardware-encrypted USB storage devices.

Picture: Jon Fielding

 

Article written by Cathryn Ellis

Share



Related Articles

Most Organisations’ Biggest Security Concern Is Users

What Keeps You Up at Night – The 2019 Report looks at over 350 global organisations' security concerns and reveals people are the biggest perceived...

 Read Full Article
Gangsters' Paradise Leads To Jail Terms For Business Phishing Scam

Gangsters who altered business emails to rip-off more than £1 million have gone to jail. Two members of the Nigerian organised crime group who committed the fraud...

 Read Full Article
Not Wiping Memory Risks GDPR Fines

Thousands of businesses are risking GDPR penalties for not wiping the memory from old IT equipment, it has been claimed. According to a survey carried out by...

 Read Full Article
GDPR - What A Scam

GDPR has gifted scammers with a new hook for sending phishing emails. Many internet users are now receiving emails from organisations that they have online dealings with,...

 Read Full Article
GDPR - No Confidence In Compliance. Mobile Workers Are Biggest Hazard

Most companies are not confident of being fully compliant ahead of the GDPR deadline with the biggest fear being the loss of data on laptops and other mobile...

 Read Full Article
123456 - 23.2 Million Cyber Victims Used This Password

The most hacked passwords have been revealed as a UK cyber survey exposes gaps in online security with global breach analysis finding 23.2 million victims used 123456 as...

 Read Full Article
Data Breaches & Financial Risk - 5 Reasons For Cyber Insurance

Despite the rising cost of data breaches, most organisations are unprepared to deal with the financial and reputational repercussions, writes Joe...

 Read Full Article
Consumer Grade Apps Are A Business Security Risk

32% of organisations use consumer grade Apps such as WhatsApp, SMS and Skype for business communications. Over two thirds use these Apps regularly every day and over a...

 Read Full Article
Denial Of Service Costs Escalate

A DNS Threat Report has revealed the cost per attack has increased by 57% to $715,000 for organisations globally. EfficientIP, a specialist in DNS security to ensure...

 Read Full Article
Raising The Bar – Consent Under The GDPR

Straight from the horse's mouth, Steve Wood, Deputy Information Commissioner, writes for ThisWeekinFM on the topic of 'consent', how to get it and what to do...

 Read Full Article