One in five data breaches is an inside job
New KPMG report also reveals that a quarter of all data losses in first six months of 2010 occurred in the health sector
A fifth of all reported data loss incidents in the first half of 2010 were a result of malicious attacks from inside the organisation, according to KPMG's 2010 Data Loss Barometer report.
The report's findings come in the same week as the first fines to be dished out by the Information Commissioner's Office (ICO) for breaches of the Data Protection Act.
According to KPMG, the insider threat has grown from only four per cent of all incidents in 2007 to 20 per cent in 2010.
Some 23 million people globally have been affected by data breaches due to malicious insider attacks over the past three years.
"The recession may have played its part in driving up the increase in malicious insider data loss incidences, as data becomes an increasingly valuable commodity," said Malcolm Marshall, head of the information security practice at KPMG in the UK.
"The alternative is that as organisations get wiser to the tactics of hackers, then criminals may be tempting staff to pass on valuable information - hence the massive growth in the insider threat."
The issue is complicated by the fact that sensitive data can be stored in a structured or an unstructured way. Unstructured data is more difficult to protect from threats within the organisation, according to Symantec product marketing manager Jamie Cowper.
"Structured data is easier [to protect] because it tends to be more locked down in the database and there are reporting tools to help you keep that secure. The challenge that organisations have is that data often becomes unstructured, for example in spreadsheets, and finds its way onto laptops or into storage held in local offices, as well as the core datacentres, which have the necessary protection," he said.
In the first half of 2010, over a quarter of all reported incidents were in the healthcare sector, according to KPMG's research, with almost four million people affected. The healthcare sector's share of incidents doubled from 12 per cent in 2009 to 25 per cent in 2010.
"One of the challenges hospitals face is the amount of users sharing resources. You have any number of individuals logging into the same machine, which brings its own challenges. They even have shared passwords and passwords on Post-it notes stuck on the front of PCs because you have so many non-technical users," said Cowper.
"Hospitals need to think about awareness and education to make sure employees recognise the importance of the data that they're dealing with. They need to train staff to not share passwords, or write things down, but to use the right technologies, such as encrypted USBs, CDs and DVDs, and make things as difficult as possible for others to access data that they shouldn't be allowed to access. Then, it's important to employ technologies that track and alert data movements," he added.