IT Security & Network Security News & Reviews: Enterprise Data Breaches: Insider Threats That Cause Most Losses
All Data Types Are Vulnerable to Insider Theft
While trade secrets are the most common type of data stolen by insiders, at 52 percent, the Symantec report found that 30 percent of breaches involve business information such as billing invoices, price lists and other administrative data. Other types of data include source code, proprietary software, customer information and business plans.
Organizations are beefing up their network and data defenses to protect sensitive information and intellectual property from attackers. But enterprise management often forgets that their own employees and contractors can also pose a threat. A recent Symantec report found that approximately 65 percent of malicious data thieves are on their way out the door to join a competitor or start their own company. More than half of the data theft occurs within a month before an employee's departure, according to the study. However, it's easy to forget that not all insider threats are intentionally malicious, Ira Winkler, chief security strategist of security testing company Codenomicon, told eWEEK: "A human being will eventually make a mistake." As a result, many data leaks tend to be accidental and not malicious, said Winkler. Regardless of whether the data breach is intentional or accidental, it can be highly damaging to the enterprise, impacting the brand, affecting sales, reducing profits and potentially causing prolonged downtime. Imperva, an information security company, provided eWEEK with eight "profiles" of the kind of people who pose a risk to a company's data.