A fifth of survey respondents said that organizations had previously suffered a data breach at the hands of internal bad actors. This included disgruntled employees.
According to an industry report, there is a growing confidence gap between professionals in the IT industry for financial firms and their ability to meet authoritarian requirements for securing unstructured data. This data includes emails, PDFs and business files such as documents.
This comes after a survey of IT professionals found that a staggering 65% of professionals were unsure if the business protocols surrounding file sharing met standard regulatory requirements.
The survey was conducted by technology and communications giant BlackBerry. Astoundingly a third of the respondents reported that employees within their organization made use of file-sharing applications which were not approved by IT.
Happily only 26% reported data breaches due to external attacks. In a response to the findings of the survey, Blackberry said that it underscored the commonness of internal versus external threats. It also pointed out exactly how common operational risks are. The survey was based on polling over 200 senior IT professionals.
The chief security officer at Blackberry, Alex Manea said that some of the most confidential corporate information was stored in and shared through documents, spreadsheets, and presentations. He also said that financial firms which do not have effective measures in place to protect these files across all endpoints including both inside and outside of operation networks have large gaps in their security strategies.
According to Manea, all it would take for a potentially massive breach to occur is for one user to simply type in the wrong name or attach the wrong files while in an email exchange with another user. Also mentioned in the survey is that over a third of respondents reported that employees within their organizations regularly made use of file-sharing applications which were not pre-approved by IT departments.
A fifth of survey respondents said that organizations had previously suffered a data breach at the hands of internal bad actors. This included disgruntled employees and others, who may have either obtained access to sensitive information or who had access all along. They then simply distributed the data to unauthorized third parties.
Horrifyingly the survey also reported that more than a quarter of respondents indicated that financial firms they worked for suffered a security breach which was caused by a simple mistake. This included the accidental sharing of sensitive files. 18% of those taking the survey also sad that security breaches took place due to lost, unsecured or stolen devices.
The inability of employees to separate their personal and private lives was another point of concern highlighted in the survey. Many respondents admitted to having suffered security breaches as a direct result of the use of personal email and file-sharing accounts as well as the use of personal software or devices for corporate business.