Featured Article

Your biggest problem? People.

Data breaches and untrained workers, part 3 of 3



Organizations in every industry sector — private and public — need to step up to the plate and develop comprehensive risk management strategies that include strong ongoing data protection and security awareness programs to help protect the PII and other sensitive information of their customers, clients and employees.

As Barbra Streisand sang, "People who need people are the luckiest people in the world." Unfortunately, they're also the major cause of data breaches.

Organizations — as we reported in parts one and two of this study — could drastically reduce and prevent most internal and many external data breaches if they implemented risk management strategies with ongoing data protection and security awareness programs to educate all employees and third parties.

Analysis

"No matter how much companies spend on digital defenses, hackers often still get in [to computer networks] by persuading an employee to click on a link or cough up a password," wrote Danny Yadron in his April 19, 2015, article, The Man Who Hacks Your Employees, in The Wall Street Journal. Are the people problems that underlie internal threats more troublesome than they appear? Yes, because, in addition to driving the internal  threats, these problems also drive most of the external ones and, as a result, increase the risk of a data breach. Why is that?

As shown in part one of this study, a variety of internal and external causal factors precipitate data breaches — those driven by external hackers are the most compelling. Also, constant threats include current and former employees, third-party contractors (such as external auditors and lawyers) and those who are responsible for disposing of data properly because they all have access to records containing personally identifiable information (PII) and are entrusted to use it in a professional manner.

 


For full access to story, members may sign in here.

Not a member? Click here to Join Now.