Careless employees have long been blamed for the majority of data breaches – but how damaging are they really? And what else is putting your organization at risk? A newly released report is shedding light on the issue.
Topping the charts once again as the most common cause of data breaches is employee error or, categorized somewhat more kindly by the Verizon Data Breach Investigations Report, “miscellaneous error.”
Causes of data breaches
Misc. error – 25 per cent, down from 29.4 per cent in 2013
Crimeware – 20 per cent, down from 25.1 per cent in 2013
Insider misuse – 18 per cent, down from 20.6 per cent in 2013
Physical theft / loss – 14 per cent, down from 15.3 per cent in 2013
Web app attacks – 6 per cent, up from 4.1 per cent in 2013
Denial of service – 3 per cent, down from 3.9 per cent in 2013
Cyber-espionage – 1 per cent, up from 0.8 per cent in 2013
POS intrusions – 1 per cent, up from 0.7 per cent in 2013
Payment card skimmers – 1 per cent, up from 0.1 per cent in 2013
Staff slip-ups
While it appears employees are improving, they’re still the number one cause of company breaches and HR needs to step up training to ensure workers are aware of the risks.
In an effort to show exactly where workers are going wrong and help employers target troublesome areas, researchers revealed the three most common employee mishaps.
Rather amusingly, the study’s authors presented them as “D’oh!”, “My bad”, and “Oops!”
- D’oh! – when sensitive information reaches incorrect recipients – accounts for 30 per cent of employee errors.
- My bad – when employees publish non-public data to public web servers – accounts for 17 per cent of “miscellaneous errors.”
- Oops! – the insecure disposal of personal and medical data – accounts for 12 per cent of overall employee mishaps.
More like this:
1 in 5 HR managers have asked illegal interview questions
Cutting cubicles: is it right for your company?
Find out what day-care has to do with diversity, at L’Oréal Canada