According to a study conducted by Trend Micro, a company that specializes in providing flexible and customizable Internet security solutions, data leaks are rapidly becoming a security threat similar to that of viruses and malware. The study was conducted on 1,600 corporate PC users and it shows that the most affected countries are the UK, US, Germany and Japan.
According to the study, computer viruses came in as the number one ranked security threat, while the loss of private, confidential data came in at number two, surpassing phishing attacks, spyware and spam. Most of the times an insider is responsible for the data leak; that person is either careless of the information or is simply unaware that sensitive data is being handled. But whenever a company loses such data, it results in bad media coverage, fines, litigation, and last but not least the corporate brand being irrevocably damaged.
Rik Ferguson, solutions architect with Trend Micro comments: "The survey highlights some key challenges, including user education, inadequate security policies and the broad brush access rights typical in many enterprises today. All too often employees simply do not know which information is confidential, within the remit of public domain or of restricted distribution. Even if the regulations were clear, employees are often unaware of the corporate policy around such information."
Out of the 1,600 people surveyed, only 6% admitted to having lost private corporate information. It seems that the Japanese are the least inclined to avow data leaking.
In regard to computer savvy, the Americans take the lead position with 74% of respondents claiming they are well aware which type of info is confidential and proprietary. On a personal note, the US respondents may be aware that the data is confidential, but about 12,000 laptops are lost in airports each week (most of the times the data on said laptops is not encrypted). The Japanese come last with only 40%, but the study shows that employees in large corporations are more aware of confidential data as opposed to those working in smaller companies.
The worrying part is that only 54% of companies have thought ahead and have come up with a data loss prevention policy; the remaining 46% of companies that took part in the study have no such preventive measure. Generally speaking, large corporations are more inclined to implement such a policy, as opposed to their smaller counterparts. Also, the study showed that UK based companies are the least preoccupied in coming up with and implementing such a security measure.
While at work, the study revealed that different nationalities have different surfing habits. The British for example are more inclined to do a spot of shopping or visit a social networking site; the Americans will watch or listen to streaming media; the Japanese will download .exe files. Statistics about the Germans were not in the study - presumably they just got on with their work.