Internal threats: “accidental sharing” leads to loss of more data than software flaws

November 5, 2014

According to a global survey of IT professionals, 27% of all businesses have lost sensitive business data due to “internal IT threats” in the past 12 months. Kaspersky Lab started tracking this specific kind of incident in 2011, and for the first time we see that accidental data sharing by staff now produces a greater amount of lost data than software vulnerabilities.

 

640-2

In 2011-2014, Kaspersky Lab detected a number of reported software vulnerabilities encountered amongst medium, large, and enterprise businesses dropped 9%, while data loss associated with software flaws also dropped 5%.

Reports of accidental data leaks by staff remained steady during that time period, and the amount of lost data attributed to accidental data leaks by staff increased by 2%. It’s now a high priority internal problem since “accidental data leaks by staff” were reported by 29% of all businesses. See the graph:

graph

Dynamics we see suggests that businesses are slowly winning their struggle with software vulnerabilities, but data loss is growing in other areas of businesses. Other examples of internal threats that lead to data loss incidents include loss of mobile devices, intentional or accidental data leaks from employees, and security failures by a third-party supplier.

Are internal threats more or less dangerous than external ones? First, we’d have to define the threats: Security failures by a third-party supplier and software vulnerabilities, in general, come from the outside yet threaten from the inside. At the same time, such pronounced external threats such as hacking and phishing exploit the weaknesses within the corporate infrastructure, whether those are technical or human in their nature.

In practice, external and internal threats are no different in the amount of attention they require (hint: equal). Otherwise, the security of a business network looks like a territory surrounded with a barbed wire fence with missing sections, while the main entrance is a huge metal gate with a coded lock.

Kaspersky Lab’s investigation of internal threats has also uncovered that these often occur in businesses within infrastructure sectors, which is an especially troubling development. Read more about it here.