Negligence and glitches create 64% of data breaches

While data breaches born of malicious attacks grab headlines, more data thefts are caused by employee negligence and computer glitches, according to a report this week by Symantec and the Ponemon Institute.

Almost two-thirds of data breaches in 2012 could be attributed to negligence or human error (35%) and system glitches (29%), reported the eighth annual Ponemon Global Cost of a Data Breach study.

However, malicious attacks remain the single highest cause of breaches, with 37% of the intrusion pie.

Those figures vary by nation, the report showed. For example, Germany had an almost even split between malicious attacks (48%) and negligence/glitches (52%). By comparison, more than three-quarters of the breaches (77%) in Brazil were blamed on human error or system failures.

"Data breaches normally aren't about bad people," Larry Ponemon, founder and chairman of the institute that bears his name, said in an interview. "It's normally about good people making mistakes or business processes that fail."

A common misconception by organizations is that security policies can eliminate human error, said Tony Busseri, CEO of Route1, a maker of security and identity solutions. "We have this expectation that because there's a policy manual and core training, that people are going to execute perfectly," he said in an interview. "They don't.

"We so often focus on the North Koreans or the Chinese or the bad guys, when in reality we create the large majority of breaches ourselves."

Even the lynchpin of a malicious attack can depend on human frailty, pointed out Timothy Zeilman, vice president of Hartford Steam Boiler, a unit of Munich Re, which released a study this week on cyber attacks on small businesses.

"There are a number of ways that cyber attacks can be orchestrated," he said in an interview. "But one of the common ways to do it is to take advantage of some weakness in human nature by getting someone to open an email or do something they shouldn't do if they were mindful of computer security at all times."

The increased presence of employees' personal devices in the workplace is often cited as a potential source of data breaches, but that hasn't shown up much in the Ponemon data yet. "We had some cases that involved an employee-owned mobile device -- BYOD -- but there aren't many of those," Ponemon said.

There were also some breaches among the nearly 300 companies participating in the study involving mobile devices -- tablets and smart phones. "That makes sense because these are computers and they're easy to lose," Ponemon said.

"They may also not be the most secure devices, because people see them differently," he added. "They don't think about safeguarding data on them the way they would with a desktop or laptop."

The Ponemon-Symantec study also noted that the average per-record cost of data breaches around the world increased this year over last -- to $136 from $130. However, those numbers, too, varied by region and breach type.

For example, the most expensive kind of breach is one caused by a malicious attack. In places like the United States, the average per-record loss to a company victimized by such an attack is $277, and in Germany it's $214. By comparison, it's only $71 in Brazil and $46 in India.

The report also made a number of recommendations for preventing data breaches. They include:

  • Educate employees and train them on how to handle confidential information.
  • Use data loss prevention technology to find sensitive data and protect it from leaving your organization.
  • Deploy encryption and strong authentication solutions.
  • Prepare an incident response plan including proper steps for customer notification.

Stories by John P. Mello Jr.