Employees and CIOs Can't Agree on Who Is to Blame for the Constant Torrent of Insider Data Breaches

Who is Responsible for Insider Data Breaches

Far too often, when a large organization is hit by a data breach, it's quick to announce that an investigation is ongoing and that its security specialists, along with outside experts and law enforcement agents will try to do everything they can to find out who is responsible for the incident. People and organizations are so focused on finding out who's done it sometimes that they forget what their real priority should be – learning how many people were affected and finding out what can be done to protect their data and privacy.

A thorough investigation is nevertheless a vital part of the response to a cybersecurity incident. To prevent future data leaks, organizations must find out what happened and draw all the necessary conclusions.

We're seeing more and more breaches where data gets leaked with no outside help. In such cases, finding out where the mistake was made is even more important. Unfortunately, a survey commissioned by security company Egress shows that more often than not, this is far more difficult than it seems.

IT leaders and employees interviewed in an attempt to find out who is responsible for the state of data security

The report is called Insider Data Breach 2019, and as its name suggests, it focuses on data security incidents that happen without interference from hackers. The research was conducted by Opinion Matters and involved 500 IT leaders (Chief Information Officers) and just over 4,000 employees in the US and the UK.

The respondents were asked various questions regarding the way their employer handles data. They told researchers whether or not the companies they work for have suffered a breach recently and whether or not they expect one in the future. They gave opinions on who is responsible for what and whether the procedures and policies are as clearly stated as they should be. It turns out that there's an enormous abyss between what IT leaders and regular employees think.

Nobody seems to agree on anything

It looks like CIOs aren't terribly confident in employees' ability to keep information secure. A whopping 95% of them think that insiders can really put their organization's data at risk. In their minds, they have a good reason for this.

79% of the interviewed IT leaders believe that during the previous year, employees have put company information at risk, and 61% think that they have done so deliberately. 60% of the interviewed CIOs believe that their organizations will suffer a data breach of some sort during the next twelve months, and almost half (46%) think that the breach will be malicious.

When lower-level employees get to answer the questions, however, things look very different. More than 90% of them say that they have never broken their organization's policy when it comes to processing information. And of those that do admit to sharing data insecurely, more than half claim that they did it because they weren't given the right tools to do it properly.

In other words, the blame is tossed around like a hot potato, and at the same time, the never-ending stream of data breaches shows that the situation is far from ideal. Is there a way out of it?

Securing company data should be a coordinated process

Keeping business information secure in this day and age is an ongoing, complicated process that depends on many different people, which means that when things go wrong, it's often difficult to point the finger at a single person and say "It's their fault". The fact of the matter is, everyone, from C-level employees right down to the person copy-pasting information from one database to another, must be fully aware of how important data is and what the consequences of losing it are.

CIOs must work with lower-level workers to create policies that protect the data and ensure a smooth workflow at the same time. Employees must be taught how to make the best of these policies, and crucially, they should be told what could happen if they don't stick to them.

Unfortunately, given the wide gap in the figures quoted in Egress' Insider Data Breach 2019 report, predicting a significant improvement in the near future would be little more than wishful thinking.

By Duran
September 27, 2019
Password Security
English
September 27, 2019
Password Security

Popular Posts

As Fears of the Coronavirus Pandemic Spread, So Does...

4 years ago

Microsoft Warns State-Backed Threat Actors Are Using AI in...

4 days ago

Trojan Al11 Malware Detection & Removal - An Essential...

11 months ago

Pinaview is a Fully-Featured Adware App

10 months ago

"Your iCloud is Being Hacked" and "Your iPhone has Been...

7 months ago

What is Lucky Ransomware?

7 months ago

Related Posts

Password Security

What data breaches cost? Three of the world's most expensive data breaches

You know what to do to minimize the chances of having your personal information posted on a hacking forum. You know how to look out for phishing pages, you have an up-to-date anti-malware program, and you only use... Read more

April 30, 2018
Tips

The How and the Why of Data Breaches

We already talked about what a data breach is and how it can affect you. What we haven't discussed is how often data breaches happen and what causes them. With the next few paragraphs, we'll try to clear this up. How... Read more

April 12, 2018
News

Surprise! Most Data Breaches Occur Due to Human Error

Even though a lot of data breaches are carried out by cybercriminals, the recent statistics show a considerable part of such incidents occur because of failures happening inside the companies who store sensitive user... Read more

August 10, 2018
English
Loading...

Cyclonis Backup Details & Terms

The Free Basic Cyclonis Backup plan gives you 2 GB of cloud storage space with full functionality! No credit card required. Need more storage space? Purchase a larger Cyclonis Backup plan today! To learn more about our policies and pricing, see Terms of Service, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Cyclonis Password Manager Details & Terms

FREE Trial: 30-Day One-Time Offer! No credit card required for Free Trial. Full functionality for the length of the Free Trial. (Full functionality after Free Trial requires subscription purchase.) To learn more about our policies and pricing, see EULA, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Home

Products

Cyclonis Backup Cyclonis Password Manager Cyclonis World Time

Support

Help Files FAQs Downloads Inquiries & Support

Company

About Us Contact Us Report Abuse

Legal (Post Merger)

EnigmaSoft Limited (fka Cyclonis Limited)

Cyclonis Backup's Terms of Service Cyclonis Password Manager's EULA Cyclonis World Time's Terms of Service Privacy Policy Cookie Policy Special Discount Offer Terms Additional Terms & Conditions SpyHunter EULA RegHunter EULA EnigmaSoft Privacy Policy & Cookie Policy ESG Privacy Policy & Cookie Policy EnigmaSoft Discount Offer Terms ESG Discount Offer Terms

© 2017-2024 Cyclonis Ltd. CYCLONIS is a trademark of EnigmaSoft Limited (Cyclonis was merged into EnigmaSoft Limited effective November 25, 2023.) All rights reserved.

Registered Office EnigmaSoft Limited: 1 Castle Street, 3rd Floor, Dublin 2 D02 XD82, Ireland.
EnigmaSoft Limited, Private Company Limited by shares, Company Registration Number 597114.

Windows is a trademark of Microsoft, registered in the U.S. and other countries.
Mac, iPhone, iPad and App Store are trademarks of Apple Inc., registered in the U.S. and other countries.
iOS is a registered trademark of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.
Android and Google Play are trademarks of Google LLC.