Experts call for public disclosure of information leaks

Powered by SC Magazine
 

Employees remain the greatest risk to an organisation's data.

A survey conducted by Websense at this year's e-Crime Congress in London suggests that employees are the greatest risk to any organisation's data and intellectual property. 

Some 95 percent of the 105 international security professionals surveyed said that their company would not be confident of knowing about an information leak, and 64 percent believed that the board would be held responsible should a leak occur.

One in seven respondents believe that data leaks are widespread, and 15 percent indicated that most companies have experienced some form of data leak in the past 12 months.

Internal threats such as data leakage through malicious intent or by accident continues to be the greatest concern, topping the poll at 59 percent. This represents a 15 percent increase on last year's annual e-Crime Congress survey.

Furthermore, 79 percent believe that legislation should be in place to curb data leakage and to ensure greater transparency in the advent of an information breach.

However, it seems that little improvement has been made concerning organisations' approach to security. Only 10 percent of respondents felt that companies were truly attempting to tackle the problem.

"This survey shows that companies are so busy fire-fighting external security threats that when it comes to information leakage they are failing to address the larger problem," said Ross Paul, international product manager at Websense.

"A proactive approach ensuring the enforcement of well-defined policies to protect sensitive information is a must in stopping it getting into the wrong hands."

When data breaches do occur, there is a consensus among respondents that legislation should support the need for disclosure, according to Paul.

"With only five percent believing that all companies are aware of information leakage incidents, it is time for companies to actively take responsibility in detecting and protecting against this invisible threat," he said.

The survey also revealed that information breaches can cost as much as five percent of a company's annual revenue.

But it seems that legislation is helping to drive budget increases, as 62 percent agreed that measures such as the EU Privacy Directive (PDF) and Sarbanes Oxley have helped to drive budgetary increases for information leak prevention.

Copyright ©v3.co.uk


Experts call for public disclosure of information leaks
 
 
 
Top Stories
Beyond ACORN: Cracking the infosec skills nut
[Blog post] Could the Government's cybercrime focus be a catalyst for change?
 
The iTnews Benchmark Awards
Meet the best of the best.
 
Telstra hands over copper, HFC in new $11bn NBN deal
Value of 2011 deal remains intact.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Who do you trust most to protect your private data?







   |   View results
Your bank
  39%
 
Your insurance company
  3%
 
A technology company (Google, Facebook et al)
  8%
 
Your telco, ISP or utility
  7%
 
A retailer (Coles, Woolworths et al)
  2%
 
A Federal Government agency (ATO, Centrelink etc)
  20%
 
An Australian law enforcement agency (AFP, ASIO et al)
  14%
 
A State Government agency (Health dept, etc)
  6%
TOTAL VOTES: 1778

Vote
Do you support the abolition of the Office of the Information Commissioner?