Canada has experienced its share of high profile data breaches in the past year, with much of the attention focused on storage devices gone missing from government departments. While protection against hacking attacks and malware planted by cyber criminals dominates many security concerns, it is actually mistakes made by people and systems that cause the majority of data breaches.

According to Symantec’s 2013 Cost of a Data Breach study, negligence and system glitches together accounted for 64 per cent of data breaches last year. These can include employees mishandling information, violations of industry and government regulations, inadvertent data dumps, stolen laptops, and wrongful access.

Code:

Insiders greatly contribute to data breaches. In fact, in the eight years since Symantec started tracking data breach costs with the Ponemon Institute, the insider threat leading to data breach has increased 22 per cent. What’s even more concerning is these trusted insiders likely don’t know they’re doing something wrong. In related research, Symantec found that 62 per cent of employees think it is acceptable to transfer corporate data outside the company on personal devices and cloud services. And the majority never deletes the data, leaving it vulnerable to data leaks.

These breaches caused by human error are significant. Globally, the average cost per lost record was of $117, meaning the mistakes made by trusted employees are costing enterprises a lot of money. While the cost of a data breach can vary widely because of the types of threats and data protection laws, the financial consequences are serious worldwide.

But this year’s report is not all bad news — in the United States for example, the total cost per data breach was down slightly at $5.4 million.

This suggests that organizations there have made improvements in how they plan for and respond to data breach incidents. Certain factors can help organizations reduce the cost of a data breach such as having a strong security posture and an incident response plan, and appointing a CISO.

“While Canadians weren’t included in the survey, the majority of the US organizations surveyed have a presence in Canada so the results for Canada are likely very similar,” said Larry Ponemon, Chairman and Founder, Ponemon Institute. “From previous Ponemon studies, we’ve seen that generally speaking, Canadians are better at protecting their information than Americans. They value privacy more.”

So what would a data breach cost your company? You can calculate an estimate of it yourself at www.databreachcalculator.com.

Symantec recommends the following best practices to prevent a data breach and reduce costs in the event of one:

  1. Educate employees and train them on how to handle confidential information.
  2. Use data loss prevention technology to find sensitive data and protect it from leaving your organization.
  3. Deploy encryption and strong authentication solutions.
  4. Prepare an incident response plan including proper steps for customer notification.

You can learn more about the Cost of a Data Breach here.

Share on LinkedIn Share with Google+
More Articles

  • Danny ruthe

    Employees can easily contribute to data leakages and information threats. No matter how much we invest in them, at some time, some employees would lead to information threat. And like some findings say, more than one third of employees wouldn’t think twice before stealing/selling their company data for personal benefit or profit. Apart from viruses and malicious attacks from outside, the insider employee can bring much trouble with their neglect and intended data threats. Tracking and monitoring employee PC (s) is the only best solution available to control abuse and prevent costly data breaches. There is network monitoring software like Net Orbit which can be installed on all employees’ PC and the admin of the software can monitor, view live activity of employees. The program comes with log viewing, filtering, supervising and live monitoring of websites searched, keystrokes, IM, files, emails and all other activities