June 9, 2013
Human Error, System Glitches Responsible For More Data Breaches Than Hackers
redOrbit Staff & Wire Reports — Your Universe Online
Mistakes, negligence and glitches are more likely to be responsible for computer-related security breaches than cyber attacks, according to a report released last week by Symantec and the Ponemon Institute.
The eighth-annual “Cost of a Data Breach” study, which was conducted by the independent research firm and sponsored by the California-based security software company, found that nearly two-thirds of all data breaches that occurred last year could be chalked up to human error (35 percent) or system glitches (29 percent).
“However, malicious attacks remain the single highest cause of breaches, with 37 percent of the intrusion pie,” John P. Mello Jr. of PCWorld reported on Saturday, adding that the figures “vary by nation“¦ Germany had an almost even split between malicious attacks (48 percent) and negligence/glitches (52 percent). By comparison, more than three-quarters of the breaches (77 percent) in Brazil were blamed on human error-system failures.”
Those mistakes can be costly, according to the study. The average number of records breached per organization was 23,647, ZDNet´s Rachel King said, and the average costs of each ranged from $130 to $136. Data loss was even more expensive in the US and Germany, where the average increased to $199 and $188 respectively, King added.
Officials with the Ponemon Institute told eWeek that those costs could be reduced if companies were to implement stricter security management practices. Taking steps such as creating an effective incident response team and hiring a chief information security officer could reduce the cost of network breaches by up to 25 percent, they claim.
The research firm conducted surveys of more than 1,400 people at 277 organizations in nine different countries, including the US, the UK, Germany, France, Australia, India, Italy, Japan, and Brazil.
King said that Brazilian companies were the most likely to experience breaches caused by human error and Indian businesses were more likely to see breaches resulting from system glitches. German firms were most likely to experience issues related to hackers or malicious attacks, followed by Australia and Japan.
“American companies said the greatest increase in data breach costs stemmed from a third-party error or even quick notification to data breach victims, regulators, and other stakeholders. UK companies pointed towards lost and stolen devices as the biggest culprits,” she added. “But US and UK companies saw the greatest reduction in costs when they had strong response plans in place. Furthermore, American and French businesses also saw reduced costs when they enlisted consultants for data breach remediation.”