Two-Thirds of Companies See Insider Data Theft, Accenture Says
By Matthew Kalman
(Bloomberg) — As businesses spend billions of dollars a year trying to protect their data from hacking that’s costing trillions, they face another threat closer to home: data theft by their own employees.
That’s one of the findings in a survey to be published by management consultant Accenture Plc and HfS Research on Monday.
Of 208 organizations surveyed, 69 percent “experienced an attempted or realized data theft or corruption by corporate insiders” over the past 12 months, the survey found, compared to 57 percent that experienced similar risks from external sources. Media and technology firms, and enterprises in the Asia-Pacific region reported the highest rates — 77 percent and 80 percent, respectively.
READ MORE: Basic Security Training for Employees Not Enough to Stop Data Breaches: Report
“Everyone’s always known that part of designing security starts with thinking that your employees could be a risk but I don’t think anyone could have said it was quite that high,” Omar Abbosh, Accenture chief strategy officer, said in an interview in Tel Aviv, where he announced Accenture’s purchase of Maglan Information Defense & Intelligence Group, an Israeli security company.
Each year, businesses currently spend an estimated $84 billion to defend against data theft that costs them about $2 trillion — damage that could rise to $90 trillion a year by 2030 if current trends continue, Abbosh forecast. He recommended that corporations change their approach to cybersecurity by cooperating with competitors to develop joint strategies to outwit increasingly sophisticated cyber-criminals.
SEE ALSO: Shadow IT: Embrace Reality – Detect and Secure the Cloud Tools Your Employees Use
“There’s a huge business rationale to share and collaborate,” he said. “If one bank is fundamentally breached in a way that collapses its trust with its customer base, I could be happy and say they’re all going to come to me, but that’s a false comfort” because “it pollutes the whole sphere of customers because it makes everyone fearful,” he said.
Despite recent high-profile data breaches of Sony Corp., Target Corp. and the U.S. Office of Personnel Management, many corporations do not yet consider cybersecurity a top business priority, Accenture found. Seventy percent of the survey’s respondents said they lacked adequate funding for technology, training or personnel needed to maintain their company’s cybersecurity, while 36 percent said their management considers cybersecurity “an unnecessary cost.”
Source: TheWHIR