Hacking Surpassing Human Error For Data Breaches?
from the is-that-good-or-bad? dept
A couple years ago, we noted that the old claim that "insiders" were the biggest data breach threat was no longer true, as other threats were becoming a much bigger deal. While that study seemed to use very different methodology, a new study is out that agrees that insiders are a much smaller threat, but notes that outside hacking surpassed "human error" as the cause of data breaches in 2009. While it's good that human error issues are decreasing as a percentage, is it worrisome that outside hack attacks are now becoming such a major problem? The good news in the data is that there were supposedly fewer reported attacks in 2009 (by a pretty large amount) compared to 2008 -- so one possible reading of the data is that people have been effective in preventing things like human error breaches much more often, which is what allowed outside hack attacks to take the lead on a percentage basis. However, with recent stories of things like China's hack attack on Google it seems like we'll be hearing more and more stories about these sorts of attacks for one important reason: in many (certainly not all) cases, they can be quite effective.Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: data breaches, hacking, human error, insiders
Reader Comments
Subscribe: RSS
View by: Time | Thread
Straw man?
Retail stores know very well that their own employees are the greatest security risk for shoplifting or malfeasance, and a survey last year apparently indicated that a fair number of IT pros will grab confidential data on the way out of the company, even if they don't use it. Didn't anybody here read Halting State?
[ link to this | view in chronology ]
Re: Straw man?
Sorry, I wasn't saying they were the same. I was just comparing the results from two different studies.
[ link to this | view in chronology ]
Re: Straw man?
Interesting, because they act like their customers are thieves and use that as an excuse to spy upon them as they try on clothes in the "privacy" of those little rooms.
[ link to this | view in chronology ]
Re: Straw man?
What are you saying?
The root cause of the TJX breach was not due to human error?
That's laughable.
[ link to this | view in chronology ]
Re: Re: Straw man?
[ link to this | view in chronology ]
of course, there's no Other way to know how much of such a thing is happening, i suppose, but the automatic assumption that less reports = less issues isn't always the right one.
'course, this may be simple paranoia speaking. hehe.
[ link to this | view in chronology ]
Insider Attacks
[ link to this | view in chronology ]
GOVT SPONSORED vs me the hacker
ive about had it with misleading stories painting real hackers as the bad guys when its these fucktard politicians and there lil spy agencies doing all the bad shit on earth
[ link to this | view in chronology ]
Most Orgs and Individuals Enjoy "Security" as a Matter or Luck
[ link to this | view in chronology ]