06 Mar 2012

Most companies fault employees for internet security breaches

The human factor may be the biggest risk to internet security, according to a study by the Ponemon Institute. The study, The Human Factor in Data Protection, said 78 percent of companies surveyed blame employee behavior, accidental and intentional for at least one data breach over the last two years.

"Our conclusion is that most threats posed by employees and those within companies are becoming more prevalent because of the mobility of the workforce, proliferation of mobile data-bearing devices, consumerization of IT, and the use of social media in the workplace," said Dr. Larry Ponemon, chairman and founder of Ponemon Institute. "We saw that most surveyed believe their companies are not doing enough to ensure a more effective security infrastructure against hackers and targeted attacks. Combined with data-centric security technology, education and awareness among employees are essential."

The report also said small and mid-sized businesses generally suffer from more data breaches at 81 percent - versus 78 percent for larger firms - due to the mishandling of sensitive data. SMB employees were also likely to take part in risky behavior, with 58 percent will or already having opened web attachments in spam.

The FTC said businesses affected by an internet security breach should notify law enforcement and businesses affected to make sure it can be stopped as soon as possible, which could be the different between a spread and stopping the virus right there.