A study into data security breaches reported to the UK’s Information Commissioner’s Office and how to prevent them.
Data security is a key, and growing, risk for our customers and we recognize
the range of challenges it presents.
Faced with growing business demands, increased regulatory scrutiny and
evolving threats from cyber criminals, those responsible for data security
within organizations are frequently having to make complex choices about
where to focus their resources.
This research is designed to help make those choices easier by identifying
where risks actually lie. By taking a data-driven approach to security
incidents reported across the UK over a 12 month period, it is possible to be
clear-eyed and hard-nosed when it comes to addressing the most common
causes of data security incidents.
The results are surprising. Despite the common perception that cyber
criminals are the greatest threat to an organization’s data security, our
research suggests that your staff are actually your greatest risk. In fact, 69%
of all security incidents for which a cause is known are the result of human
blunders. Of these security incidents, the most frequent by some margin is a
mistake many of us have made at one time or another: sending an email to
the incorrect recipient. Until recently, this has been a mistake that is easy to
make and hard to prevent.
We hope that this report serves to improve risk governance and inform
decision making by boards, senior management and their security, legal, risk
and compliance teams.
If you’re responsible for data security or compliance at a regulated organization, grab a complimentary copy of the study by following the link below: