A Lot of Companies Are Getting Hacked Because Of Internal Sloppiness
Three out of every four organizations across many industries have been hacked in the last two years, mainly because too many employees have too much access to data.
A recent study of companies in both the U.S. and Europe found sensitive information is breached because information was put in the wrong hands in the first place. Sixty-two percent of end users (employees that do not include IT specialists) “say they have access to company data they probably shouldn’t see,” according to “Closing Security Gaps to Protect Corporate Data: A Study of U.S. and European Organizations.”
Participants of the survey said “insiders who are negligent” were more likely to compromise insider data than other potential culprits like “external attackers, malicious employees or contractors.” (RELATED: America’s Security Problems Start With The TSA, But Certainly Don’t End There)
The research surveyed more than 3,000 employees and IT experts “from a variety of industries including financial services, public sector, healthcare and life sciences, retail, industrial, and technology and software.”
Aside from internal negligence, the survey found 35 percent of organizations do not have mechanisms that allow them to search records of file system activity, leaving companies with no means of tracking or deciphering files that are breached. (RELATED: Hundreds Of Organizations Worldwide Fail At Cybersecurity)
“Despite the technology available and the continued rise of data loss and theft, it is clear that most organizations are not taking the threat of major disuption in business and reputation seriously enough,” the report concludes. (RELATED: Obama Admin Releases New Gov’t Info Sharing System)
“The most valuable data featured in most breaches is unstructured data such as emails and documents. This is the data that most organizations have the most of, and know the least about. When emails and files are surfaced publicly, they tend to cause scandal, forcing the breach to have a lasting effect on the company’s reputation,” the report continues.
The report’s findings have manifested in many real life incidents. From the Sony hack to the Office of Personnel Management breach to the multiple Democratic National Committee leaks, hackers have infiltrated many systems through the credentials of a legitimate employee, either current or former.
Additionally, when the FBI investigated Democratic presidential nominee Hillary Clinton’s use of a private email server, it found that she was “extremely careless” with sensitive government information.
Could the DNC not find a single technical cybersecurity expert to appoint to their cybersecurity advisory board? https://t.co/ZNl9wvdabd
— Christopher Soghoian (@csoghoian) August 14, 2016
“These new findings, alongside the fallout from those breaches, should keep executives awake at night,” said Yaki Faitelson, the co-founder and CEO of Varonis, one of the groups that released the report.
Send tips to email@example.com.
Content created by The Daily Caller News Foundation is available without charge to any eligible news publisher that can provide a large audience. For licensing opportunities of our original content, please contact firstname.lastname@example.org.