According to research "Global Corporate IT Security Risks 2014 " of Kaspersky Lab and B2B International, 21% of all European businesses have lost sensitive business data due to "internal threats" within the last 12 months.
However, global data shows that for the first time since Kaspersky Lab began to monitor these incidents (from 2011), random data sharing by staff leads to a greater degree of loss of data compared to losses due to vulnerabilities.
Both sources of data loss are most commonly found in businesses in the Utilities & Telecommunications and Telecommunications sectors.
According to the survey, the most common internal threat remains software vulnerabilities, which were reported by 32% of businesses in Europe.
Accidental data leakage by staff (reported by 26% of enterprises) and staff lost / stolen by mobile workers (reported by 29% of respondents) are in second and third place respectively.
With regard to the largest sources of data loss from internal incidents, reported software vulnerability (15%), loss of data due to accidental staff leakage (18%) and data leakage due to the loss of mobile workers (19% ).
These data show that businesses are gradually gaining the "battle" against vulnerabilities in software programs, but data loss is rising in other business segments. Other examples of internal threats leading to data loss incidents include deliberate employee data leaks and security vulnerabilities from an outside vendor.
One of the most alarming trends revealed by Kaspersky Lab's research into internal threats is how often they appeared in Infrastructure businesses. For example, Telecoms companies recorded the highest rate (42%) of accidental leakage and data sharing by staff.
The Utilities & Energy sector reported the second highest percentage (33%), with the Manufacturing sector also recording a high percentage (31%). Threats from software vulnerabilities were also reported by a large number of organizations in the above sectors (40% in the Utility & Energy sector, 36% in the Transport / Logistics sector and 35% in the Telecommunications and Manufacturing sectors).
Kaspersky Lab today offers a range of security technologies to control applications, prevent software vulnerability losses and maintain portable device control while providing unparalleled information about digital threats aimed at industrial control systems.
In order to protect the special needs of manufacturing environments, industry and critical infrastructure, Kaspersky Lab offers a a specially designed version of the company's security software for terminal locations, which was created specifically for these areas. Kaspersky Lab also provides Kaspersky Industrial Protection Simulation, to help organizations educate their staff in relation to digital attacks that could affect the infrastructure of their facilities.
To address internal security threats with an effective security solution, such as Kaspersky Endpoint Security for Business and industry-specific solutions, organizations should have integrated security policies and advance effective staff training. Besides, employees should understand and follow the company's security rules.