Echoing the findings from the past year, and despite growing media frenzies over cyberattacks and malware, people continue to remain the top cyberthreat to businesses in North America. In North America, the most serious data breaches were attributed to careless / uninformed employee actions in 59% of cases and phishing / social engineering in 56% of cases.
According to Business Perception of IT Security, a report from Kaspersky Lab as part of the Corporate IT Security Risks survey, 43% of global businesses experienced data loss as a result of a data breach in the past 12 months. In North America, 44% of businesses report four or more data breaches in the past 12 months (vs 20% globally for this figure), showing that North American organizations are either more highly targeted and / or less well prepared.
As the data above indicates, the Insider Threat continues to remain the primary cause in successful data breaches, including cyberattacks. The survey goes on to describe the top 10 vulnerable areas, with inappropriate usage or sharing data via mobile devices being cited as the most frequent point of vulnerability. Mobile devices remain the top IT security challenge, as ranked in the survey, confirming that the growing attack surface represented by the proliferation of mobile devices, amplified by cloud threats and insider threats, remain the primary source of data breaches.
"The key point here is that threats are not necessarily getting more sophisticated. It’s the growing attack surface that requires more diverse set of protection methods. This makes matters even more complicated for IT security departments. The most important finding is the companies’ points of vulnerability: threats like employee carelessness and data exposure due to inappropriate sharing of device theft.”
With mobility and cloud use on the rise, endpoints remain one of the top vectors for cybersecurity risks, often exacerbating the insider threat, with employees accidentally or maliciously putting data at risk. Visibility into the health of your endpoint security stack becomes key to remediating these threats.
Absolute DDS offers a persistent connection to endpoint devices, allowing insight into your entire security stack, as well as the health of the endpoint itself and the data it contains (including data held in cloud storage applications). With automated scans for unusual device or user activity or sensitive data, automated alerts, and zero-touch reinstallation of key security software, you can help ensure that threats are identified and remediated quickly. For example, by remotely locking devices or deleting data, or running an audit log to prove that data on a device remained untouched or protected by encryption, organizations can stop a security incident from becoming a costly data breach. Learn more at Absolute.com