Report: 60% of orgs have experienced data loss due to employee mistakes

Enterprise

We are excited to bring Transform 2022 back in-person July 19 and virtually July 20 – 28. Join AI and data leaders for insightful talks and exciting networking opportunities. Register today!


Three in five organizations have experienced data loss or exfiltration caused by an employee mistake on email in the last 12 months, according to a new survey from Ponemon Institute, sponsored by email security company Tessian. The survey of 614 IT security practitioners across the globe also revealed that email was the riskiest channel for data loss in organizations, according to 65% of security practitioners. 

The survey found employee negligence (because of not following policies) to be the leading cause of data loss incidents, while over a quarter (27%) of incidents are from malicious insiders. Intentionally stealing data also causes strain on IT teams as the data revealed it takes up to three days for security and risk management teams to detect and remediate a data loss incident caused by a malicious insider on email.  

The most common types of confidential and sensitive information lost or intentionally stolen include: customer information (61%); intellectual property (56%); and consumer information (47%). User-created data (sensitive email content, text files, M&A documents), regulated data (credit card data, Social Security numbers, national ID numbers, employee data) and intellectual property emerged as the three types of data that are most difficult to protect from data loss. 

Organizations cannot protect what they can’t see, and a lack of visibility of sensitive data that employees transferred from the network to personal email was cited as the most common barrier (54%) to preventing data loss. Further, the majority of organizations (73%) are concerned that employees do not understand the sensitivity or confidentiality of data they share through email.

Despite these risks, organizations do not have adequate training in place. While 61% have security awareness training, only about half of IT security leaders say their programs properly address the sensitivity and confidentiality of the data that employees can access on email. 

According to Josh Yavor, Tessian’s CISO, security awareness training that directly addresses common types of data loss and a security culture that builds trust and confidence among employees will ultimately help limit the amount of data that flows out of an organization.

Read the full report by Tessian and the Ponemon Institute.

VentureBeat’s mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Learn more about membership.

Author

Topics

Products You May Like

Articles You May Like

Apple Books App Not Working for Some Users After iOS 15.5 Update, Fix Coming Soon: Report
PlayStation Plus July 2022 Free Games Official: Crash Bandicoot 4, Man of Medan, Arcadegeddon
VW and Goldman-backed battery maker Northvolt gets $1.1 billion funding injection
Zebronics Drip Smartwatch With Over 100 Sports Modes, SpO2 Tracking Launched in India: All Details
Tecno Camon 19, Camon 19 Neo, Spark 9 India Launch Teased: Specifications

Leave a Reply

Your email address will not be published.