Business Express is an online portal that covers the latest developments in the world of business and finance. From startups and entrepreneurship to mergers and acquisitions, Business Express provides reporting on the stories that matter most to business leaders and decision-makers.The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website.
iStock 841526196 - Business Express

Employee negligence revealed as the leading cause of data loss for businesses

LONDON, 18 May 2022 –  60 per cent of organisations experienced data loss or exfiltration caused by an employee mistake on email in the last 12 months, according to new research from the Ponemon Institute, and sponsored by Tessian. Email was revealed as the riskiest channel for data loss in organisations, as stated by 65 per cent of IT security practitioners. This was closely followed by cloud file-sharing services (62 per cent) and instant messaging platforms (57 per cent). 

The Ponemon Institute surveyed 614 IT security practitioners across the globe to also reveal that:

  •     Employee negligence was the leading cause of data loss incidents (40 per cent), in the last 12 months
  •     Over a quarter (27 per cent) of data loss incidents are caused by malicious insiders
  •     It takes up to three days for security and risk management teams to detect and remediate a data loss and exfiltration incident caused by a malicious insider on email
  •     Almost one in four (23 per cent) organisations experience up to 30 security incidents involving employees’ use of email every month

Furthermore, the majority of respondents (54 per cent) said that the primary barrier to securing sensitive company data is the lack of visibility of sensitive data that is transferred from the network to personal email. Fifty-two percent of respondents say it is the inability to detect anomalous employee data handling behaviours and the inability to identify legitimate data loss incidents. 

Due to this lack of visibility, it can take IT security teams almost three days (72 hours) to detect and remediate a data loss and exfiltration incident caused by a malicious insider on email and up to two days (48 hours) to detect and remediate an incident caused by employees. 

The report also found that the majority of organisations (73 per cent) are concerned that employees do not understand the sensitivity or confidentiality of data they share through email. Despite these findings, nearly half of IT security leaders surveyed (46 per cent) say their programs properly address the sensitivity and confidentiality of the data that employees can access on email. 

Don't miss out on any breaking news or insightful opinions!
Subscribe to our free newsletter and stay updated on the go!

By submitting this form, you are consenting to receive marketing emails from: . You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact

Josh Yavor, Chief Information Security Officer for Tessian, commented: 

“Most security awareness training programs focus on inbound threats, yet fail to adequately address the handling of sensitive data internally. But data loss – whether accidental or intentional – is a major threat and should be treated as a top priority. 

“To create awareness and mitigate data loss incidents, organisations need to be proactive in delivering effective data loss prevention training while also gaining greater visibility into how employees handle company data. Security awareness training that directly addresses common types of data loss – including what’s okay to share with personal accounts and what’s not okay to take with you when you leave a company – and a culture that builds trust and confidence among employees will improve security behaviours and limit the amount of data that flows out of the organisation.” 

Larry Ponemon, chairman and founder of Ponemon Institute, said:

This study showcases the severity of data loss on email and the implications it has for modern enterprises. Our findings prove the lack of visibility organisations have into sensitive data, how risky employee behaviour can be on email and why enterprises should view data loss prevention as a top business priority.” 

Recent Post: