Most lost data is customer, financial: report
Half of all respondents see cyber attacks as among three most significant risks
Digital endpoint protection vendor Kasersky Lab today attempted to highlight that the damage from corporate data loss spreads from the company to employees and even customers.
The security specialist cited a B2B International survey involving over 3,300 IT specialists in 22 countries worldwide and conducted in conjunction with Kaspersky Lab.
Half of all respondents saw cyber attacks as among the three most significant risks to business and preventing breaches was the top concern among security professionals. Among incidents encountered, the top cause was vulnerabilities in existing software, which accounted for 40% of the total down from 46% the previous year), followed by accidental leaks by staff with 31% (no change from last year). A notable newcomer to the list of causes was in third place with 29%: loss or theft of mobile devices by staff.
The survey shows customer information as well as financial data, both at 36%, are lost most often, regardless of the cause of the data loss. This is closely followed by employee data, which is lost or stolen in 31% of cases.
The causes of data leakage can be both external and internal. Some 35% of IT specialists confirmed their companies had lost data due to malware infection, the most common external threat. The next most common causes are email-based attacks (21%) and phishing (17%). When it comes to internal threats, the loss of important data is most often caused by vulnerabilities in a company's software (25%) that cybercriminals exploit to infect systems.
A high proportion of data leaks were from mobile devices: 23% of respondents identified the loss of data and 15% the theft of a mobile device as the cause of a data breach. In 13% of cases, important information fell into the wrong hands due to a negligent act, such as sending messages to the wrong email address.
Petr Merkulov, chief product officer, Kaspersky Lab, argues that the range of cyber-threats leading to data loss illustrates the importance of multi-level protection.
"An effective corporate security solution must protect against both external and internal threats using the right tools for the job: anti-malware technologies, corporate security policies, data leakage prevention methods, control tools and many other features," Merkulov said.