var _hmt = _hmt || []; (function() { var hm = document.createElement("script"); hm.src = "https://hm.baidu.com/hm.js?d387e539c1f2d34f09a9afbac8032280"; var s = document.getElementsByTagName("script")[0]; s.parentNode.insertBefore(hm, s); })();

Dark Reading is part of the Informa Tech Division of Informa PLC

7x彩票网appThis site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

12/11/2019
11:55 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Accidental Data Breaches Are on the Rise; Corporate Email Is a Leading Cause

70% of security professionals admit to accidental internal breaches at their organization, but employee education is severely lacking as the CCPA compliance deadline looms.

BOSTON, Mass.—December 11, 2019—, the leading provider of human layer email security, today announced the results of a comprehensive survey on the “Current Status of Data Privacy Compliance.” Responses from 500 IT security decision makers in the U.S. revealed that 44% percent of executives believe employees have erroneously exposed personally identifiable information (PII) or business-sensitive information using their company email account. The survey also revealed that accidental internal breaches are a growing security risk for organizations. Over 70% of respondents recorded experiencing this type of breach during the last five years, with half of these incidents occurring in the previous 12 months. IT security decision makers also ranked accidental employee breaches as one of their top three concerns (46%), just behind external hacks (55%) and malware (53%).

7x彩票网appYet, surprisingly, despite this increasing threat and more stringent compliance regulations coming into effect, like the pending California Consumer Protection Act (CCPA), less than half (39.6%) of organizations are educating staff on how to improve security when sharing data.

 

“We’re only human and people are always going to make mistakes. But as the workforce has become more reliant on digital communication, and is increasingly remote and flexible, it has also become more difficult for traditional network perimeter security technologies to protect data,” said Tony Pepper, Chief Executive Officer at Egress. “In fact, people are now the new security perimeter in most organizations, and as a result, businesses need to evolve the way they protect themselves. This research highlights the growing imperative to detect abnormal human behavior – including accidental data leaks – to stop breaches before they occur.”  

 

Email Presents the Biggest Risk for Organizations

7x彩票网appThe survey results showed that both corporate and personal email are the leading applications for accidental data leaks. Other at-risk applications include: file sharing services (39%), collaboration tools (34%), and SMS instant messaging (33%). Concerningly, these applications have remained an ongoing issue for organizations throughout 2019. Comparatively, external email increased in risk from 50% to 54% over the last year, while other applications maintained the same level of risk, based on a .

 

7x彩票网appDespite awareness of these risks within the organization, one in four respondents (26%) stated that employees share sensitive data outside of the organization without encryption, increasing the likelihood of a potential breach. Additionally, internal data sharing has become a worrying blind spot, with 65% of respondents revealing that their organization does not use encryption for this.

 

CCPA Compliance is a Top Concern for Organizations

7x彩票网appAccording to IT decision makers, 93% of organizations have taken steps to comply with regulations like GDPR and the pending CCPA. These steps include improved use of existing security technologies (58.8%), improved data handling practices (55.8%), investment in new security technologies (55.2%), staff education (39.6%), and hiring new security personnel (29.2%).

 

One of the pivotal components of CCPA compliance is the ability to complete Data Subject Access Requests (DSARs) within 45 days, which can include information shared via email and stored on network drives, as well as that contained within databases. Highlighting their general focus towards CCPA, respondents were confident in their ability to comply with these requests, with 72% thinking their organization could accurately fulfill a DSAR within 45 days. However, timing is still a concern for 23% of respondents, who believe they would require longer than the 45-day limit.

 

7x彩票网app“It’s encouraging to see organizations taking proactive steps to enhance their compliance with data privacy regulations like GDPR and CCPA,” said Pepper. “We hope these measures will curb the number of internal data breaches this survey uncovered – but in reality, and certainly for the immediate future, we will probably continue to see organizations struggling to mitigate people’s unpredictable behavior using traditional static technologies. Instead, IT security decision makers are advised to examine emerging solutions based on contextual machine learning that dynamically react to potential breaches in real time as employees share data.”

 

Survey Methodology

7x彩票网appEgress commissioned a web-based survey to determine the Current Status of Data Privacy Compliance. In November, a third-party provider collected the responses from 500 IT security decision makers across the United States. 

 

About Egress

 

7x彩票网appEgress provides human layer security – helping users receive, manage and share sensitive data securely to meet compliance requirements and drive business productivity. Using contextual machine learning, Egress ensures information is protected relative to the risk of a data breach and reduces user friction to ensure smooth adoption.

 

Trusted by enterprise organizations and governments around the globe, Egress’ award-winning platform provides email encryption, secure file transfer and online collaboration services, as well as risk management, accidental send prevention, and compliance auditing and reporting.

 

Egress is headquartered in London, with regional offices in the UK, the US, Canada and the Netherlands.

 

# # # #

 

For media inquiries, please contact:

 

Cait Buckley, Matter Communications for Egress

[email protected]

617-874-5214

 

 

Comment  | 
Print  | 
More Insights
Webcasts
More Webcasts
White Papers
Reports
Comments
Newest First  |  Oldest First  |  Threaded View
Mobile Banking Malware Up 50% in First Half of 2019
Kelly Sheridan, Staff Editor, Dark Reading,  1/17/2020
Exploits Released for As-Yet Unpatched Critical Citrix Flaw
Jai Vijayan, Contributing Writer,  1/13/2020
Microsoft to Officially End Support for Windows 7, Server 2008
Kelly Sheridan, Staff Editor, Dark Reading,  1/13/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
The Year in Security: 2019
This Tech Digest provides a wrap up and overview of the year's top cybersecurity news stories. It was a year of new twists on old threats, with fears of another WannaCry-type worm and of a possible botnet army of Wi-Fi routers. But 2019 also underscored the risk of firmware and trusted security tools harboring dangerous holes that cybercriminals and nation-state hackers could readily abuse. Read more.
Flash Poll
Organizations have invested in a sweeping array of security technologies to address challenges associated with the growing number of cybersecurity attacks. However, the complexity involved in managing these technologies is emerging as a major problem. Read this report to find out what your peers biggest security challenges are and the technologies they are using to address them.
7x彩票网app Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

PUBLISHED: 2020-01-18
Westermo MRD-315 1.7.3 and 1.7.4 devices have an information disclosure vulnerability that allows an authenticated remote attacker to retrieve the source code of different functions of the web application via requests that lack certain mandatory parameters. This affects ifaces-diag.asp, system.asp, ...

PUBLISHED: 2020-01-18
A memory usage vulnerability exists in Trend Micro Password Manager 3.8 that could allow an attacker with access and permissions to the victim's memory processes to extract sensitive information.

PUBLISHED: 2020-01-18
A RootCA vulnerability found in Trend Micro Password Manager for Windows and macOS exists where the localhost.key of RootCA.crt might be improperly accessed by an unauthorized party and could be used to create malicious self-signed SSL certificates, allowing an attacker to misdirect a user to phishi...

PUBLISHED: 2020-01-18
An arbitrary code execution vulnerability exists in the Trend Micro Security 2019 (v15) consumer family of products which could allow an attacker to gain elevated privileges and tamper with protected services by disabling or otherwise preventing them to start. An attacker must already have administr...

PUBLISHED: 2020-01-18
A Persistent Arbitrary Code Execution vulnerability exists in the Trend Micro Security 2020 (v160 and 2019 (v15) consumer familiy of products which could potentially allow an attacker the ability to create a malicious program to escalate privileges and attain persistence on a vulnerable system.
66?????? 7072???? 7073???? 689????? 963???? 66????? 7073???? 7073???? 66???app 8????app