Hacker
Only one per cent of data breaches involve outside hackers

Corporate data loss not down to hackers

Three-quarters of incidents caused by negligent or malicious staff

Written by Iain Thomson in San Francisco

vnunet.com, 10 Oct 2008

A new survey of IT professionals suggests that external hackers have very little to do with corporate data leaks.

The survey, which was commissioned by IT software and services provider Compuware, found that data breaches at companies are caused by staff in 75 per cent of cases, compared to just one per cent by outside hackers. Overall, 79 per cent of US companies suffered at least one data breach last year.

"Enterprises must recognise that simply trusting employees will inevitably prove detrimental to their security, their risk postures and their business interests," wrote Perry Carpenter, a research director at Gartner.

"A mixture of tried-and-true security practices, security awareness, and low and high-tech toolsets will provide the most effective and comprehensive defence against the insider threat."

Overall, 41 per cent of breaches occurred on mainframes, which raised serious concerns since 80 per cent of the world's data is stored on such systems.

The survey interviewed 3,596 IT professionals in the US, UK, France and Germany each with an average of nearly nine years' experience.

The US led in the incidence of data breaches, followed by France at 63 per cent and the UK at 55 per cent. Only 39 per cent of German companies suffered breaches last year.

Hacking was slightly more prevalent in the UK, accounting for three per cent of breaches compared to 37 per cent by malicious insiders and 63 per cent by negligent insiders. Interestingly, 25 per cent came from outsourcing suppliers.

The survey also highlighted a distinct lack of accountability for breaches within companies.

Over half of those questioned said that no single person was held to account over breaches, and that the chief information officer took the blame in just 25 per cent of cases.

  • Have your say
  • Send to a friend
  • Print this
  • Share

reader comments

related articles

Sarah PalinCommunications

Sarah Palin email hacker indicted

Politician's son in the dock 09 Oct 2008

 
Internet

Adobe warns of 'clickjacking' attacks

Hackers able to fool browsers into redirection 09 Oct 2008

Security

Forever 21 suffers major data heist

Hackers steal 100,000 credit card details 18 Sep 2008

Security

BusinessWeek suffers SQL injection attack

Hackers infect hundreds of news site's web pages 16 Sep 2008

Hardware

Hackers breach Cern security

Greek crew came within one level of LHC control 12 Sep 2008

Government

Microsoft admits IE flaw to blame for Google hack

McAfee notifies Redmond of vulnerability 15 Jan 2010

Security

New study highlights weak password policies

Users still choosing easily compromised passwords 21 Jan 2010

Security

Securing the cloud

Firms need to rethink their security strategies to keep sensitive data safe in the cloud 24 Aug 2010

related white papers

today's top stories

Management

Interview: Jos Creese, chief information officer, Socitm

Head of Socitm, the body for local authority IT professionals, discusses how to get the most from IT services at a time when budgets are being cut to the bone. Dawinderpal Sahota listens in 09 Sep 2010

Internet

Implementing cloud computing

UK firms are looking for on-demand, pay-as-you-go IT services, applications and infrastructure, writes Martin Courtney 08 Sep 2010

Internet

When business brains turn to crime

Cyber criminals are far better organised and more sophisticated than most legitimate e-commerce operations, writes Stuart Sumner 08 Sep 2010

Internet

Copyright agreement draft leaked again

ACTA workings published after Washington DC negotiating round 07 Sep 2010

The Analyst View

Lloyd's Of London takes Facebook to the board

Peter Hambling, CIO of Lloyd’s of London, the venerable insurer, has made Facebook a priority for customer communications that required board approval.... 07 Sep 2010

> More news

Advertisement

Subscribe

Best practices to secure and protect backup data
Exploding the myths about data security and backup encryption

Using data integration to drive down costs and increase profits
This paper outlines why data integration is an important weapon in an enterprise’s competitive arsenal

Advertisement

Citrix

Keep up to date with the latest products, services and technologies from the world's leading IT companies; IThound.com brings you thousands of white papers, case studies and analyst reports.

Advertisement

Newsletter signup

Sign up for our range of FREE newsletters:

More available - click 'submit' to view

Existing User

Newsletter user login:

Jobs

Related jobs

Job of the week

> More IT vacancies

Job alerts

  • Latest jobs to your inbox
Sign up here

Find your next job

IT Salary Checker

  • Are you being paid what you are worth?
Check salary here

Advertisement

Latest poll

The Chinese Market

The Chinese Market

Is your company considering expansion into the Chinese market?

View poll results

> More polls

Latest audio and video articles

A microphoneAudio

Computing Podcast: Tech Talk episode 5

Join Tech Talk for an overview of the week's top IT stories, and a debate on IT self-service. Will it provide value? 27 Aug 2010

A microphoneAudio

Computing podcast: Tech Talk episode 4

Join Tech Talk for an overview of the week's top IT stories, and a debate on IT skills. Is the UK slipping behind? 20 Aug 2010

> More audio and video

Latest in-depth articles

Picture of Google logoAnalysis

Will IPv6 boost search engine rankings or is that wishful thinking?

Will search engine providers consider web-server IPv6 support to rank content in the future? 09 Sep 2010

Jos CreeseFeatures

Interview: Jos Creese, chief information officer, Socitm

Head of Socitm, the body for local authority IT professionals, discusses how to get the most from IT services at a time when budgets are being cut to the bone. Dawinderpal Sahota listens in 09 Sep 2010

> More in depth articles

Primary Navigation