Home Business News Malicious intent outweighs technology as biggest threat to personal data

Malicious intent outweighs technology as biggest threat to personal data

by LLB Reporter
13th Mar 19 8:28 am

Apricorn, the leading manufacturer of software-free, 256-bit AES XTS hardware-encrypted USB storage devices, today announced results from their latest social media poll which found that 65% of respondents believe that humans pose the biggest threat to their personal data.

Against the backdrop of a complex and growing cyber threat landscape, organisations are waking up to the fact that one of the biggest chinks in their armour against a data security breach is humans. In fact, a staggering 52% of respondents believe that people with malicious intent present the biggest danger, whilst thirteen percent believe that unintentional human error is also a risk. In stark comparison, just 35% of those polled see technology as a threat to personal data.

Worse still, 20% admitted they have breached corporate policies around data protection, with a further 34% admitting they don’t even know of a policy within their organisation. Not only does this highlight the frequency and willingness of employees to breach corporate policy, but it also demonstrates the lack of awareness and education around corporate data security. There is a real need to strike a balance between policy and engagement in order to help prevent carelessness, and the dangers posed by uninformed staff.

Jon Fielding, managing director, EMEA Apricorn said, “The findings of our poll show that businesses have good reason to be concerned about employees contributing to cybersecurity risks. Whether staff are making unintentional user errors, or compromising data with malicious intent, business data and systems are at risk.

“The most dangerous aspect of insider threats and human error is the fact that the access and activities are coming from trusted users and systems, and can very easily go undetected if organisations are too complacent in their approach to data security.”

The Apricorn poll also found that over a quarter (27%) of respondents admitted that they had either lost, misplaced or had a device stolen containing sensitive corporate information.

Organisations should incorporate and enforce information security policies, procedures and, ideally, encryption on all mobile devices, be it laptops, mobiles or other removable media. It’s not enough to simply have an IT security policy in place, but staff need to be educated about the policies, and the importance of data security, to help mitigate these risks. IT security should also be enforced through technology, such as end point control only accepting corporately approved and encrypted devices for example.

Feilding added, “Educating employees in the value of the data they work with will help to build a culture of accountability, within which, keeping data safe becomes second nature to employees at every level. Employees are an organisation’s biggest asset, but they can also be their biggest liability.”

Any data breach has the potential for huge reputational damage and financial losses, and with GDPR now in full force, organisations must ensure they monitor how data is processed, stored, retrieved, protected and deleted in order to remedy any shortcomings and ultimately avoid a costly data breach. Organisations need to establish and maintain even basic level security to avoid the associated risks posed by insiders, malicious or otherwise.

Leave a Commment

You may also like


Sign up to our daily news alerts

[ms-form id=1]