A new report coming out of the University of New Mexico found that hackers are not the biggest concern when it comes to breaches of sensitive company data. "Hype and Heavy Tails: A Closer Look at Data Breaches" discusses two types of data breaches that a company can run into, those being negligent and malicious leaks of information.
Negligent data breaches were defined as mistakes made by employees within the organization that led to private information going public, like leaving a laptop with company data on the bus. Malicious leaks, on the other hand, are what most people think of when they hear the term "data breach." This is where a malevolent hacker gains access to a company's information illegally by exploiting some sort of flaw in the business's cybersecurity infrastructure.
The study discovered that negligent data breaches occur almost twice as often as malicious ones. If that wasn't surprising enough, the report also said that malicious breaches are actually decreasing in size at a rate of 15.6 percent a year over the 10-year period of the study. Negligent breaches, meanwhile, have remained constant.
Employees need security training
What this means is that while keeping hackers out is certainly important, training employees to keep information in is just as vital to protecting sensitive data. Sadly, a lot of companies simply don't see the value in privacy training programs and instead rely on their employees' common sense.
A 2014 Ponemon Institute study, commissioned by information services group Experian, found that only 54 percent of employers surveyed had privacy and data protection awareness training for their workers. The fact that this percentage is just barely a majority could be one of the many reasons negligent data breaches occur twice as often as malicious leaks.
This abysmally low number is also surprising when considering how much the average data breach can cost a company.
A separate Ponemon Institute report stated that a data breach costs a company, on average, about $3.5 million. Coupling this with the fact that a majority of data breaches are caused by internal negligence shows that businesses need to begin seeing the danger even their most trusted employees pose to private information.
A data breach could cost your company millions.What can you do?
As with many problems in life, the answer to this dilemma of employee negligence is more education. Making sure staff members have privacy and basic computer training under their belt will not only make them stronger assets to your organization, but it will also give them the skills necessary to slow down or even stop the flow of negligent data breaches.
Corporate computer training is a vital piece to a private and secure workplace. Giving people the knowledge necessary to stop silly mistakes concerning important company data could end up saving your business a big future headache. If you'd like to see the positive effect company IT training can have on your employees, make sure to check out New Horizons Computer Training Center of Southern California and Southern Arizona's list of basic computer training programs.
Join us for our webinar on November 12: Cyber Security: Pathway to Forensics. Click here for more details and to register for a session.
More links
- Cyber Security: Pathway to ForensicsThis two hour webcast will introduce the viewer to the basic concepts of computer forensics. Software demonstrated in this tutorial webcast will include a variety of open-source tools
- Find TrainingFind the class that best suits you or your employee's needs!
- Information SecurityAt New Horizons, our information security offerings are designed to ensure that your organization can be the "Secure Organization"—enabling you to target specific training for your business based on information security threats and organizational job roles.
- Cyber Secure: A Look at Employee Cybersecurity Habits in the WorkplaceThis white paper discusses what employees and employers can do to avoid breaches.
