InfluenceChronicles.Comm -- A new survey says three-fourths of corporate data theft is caused by “insider negligence” -- a nice way of saying “companies that for some reason still let employees do internal email while connected to a free wi-fi service.”
As many companies and politicians learned the hard way, hackers love stealing emails in part because of the whacky fun that ensues when made public. And cybercrooks are becoming steadily more proficient in how they leak e-plunder to mess with the victim’s reputation and operations for as long as possible.
Here's the kicker: More than 60 percent of those surveyed said they have access to company data that they shouldn’t see. "Too many employees have too much access to the company’s most valuable information," said the lead researcher. “Beyond what they need to do their jobs."
Worse still, a third of those companies don’t monitor any of the email their people are sending and receiving, including file attachments.
Change is coming. As the cybercrime epidemic continues, companies and organizations will begin compartmentalizing more information to the old “need to know” standard. How much that mitigates cyber-related reputation risk… We’ll see.
There’s more at The Wall Street Journal Risk Report.
Illustration | My Security World blog: Eight things to stop doing immediately