Becoming aware of the modern cyberthreat landscape means also becoming aware of its inherent irony. For all the talk of how sophisticated cyberattacks are rising to record levels, the number-one threat to an organization is still its own employees. And while data security and privacy training is the first line of defense against negligent employee behavior, such training programs are falling short, according to "Managing Insider Risk Through Training & Culture," a report by Experian and the Ponemon Institute.
The survey of more than 600 IT professionals, C-suite executives, managers, and other high-level staff in various U.S. organizations found that slightly over half of organizations (55%) suffered a security incident or data breach due to malicious or negligent employee behavior. In addition, only 51% of respondents agreed that their organization's data security and privacy program was effective.
Those in the legal department were considered among the most conscientious in terms of protecting data. Sixty percent of respondents cited the legal department as the most careful, behind 67% of those citing the compliance department, and 69% citing the financing and accounting department.
Complete your profile to continue reading and get FREE access to CUTimes.com, part of your ALM digital membership.
Your access to unlimited CUTimes.com content isn’t changing.
Once you are an ALM digital member, you’ll receive:
- Critical CUTimes.com information including comprehensive product and service provider listings via the Marketplace Directory, CU Careers, resources from industry leaders, webcasts, and breaking news, analysis and more with our informative Newsletters.
- Exclusive discounts on ALM and CU Times events.
- Access to other award-winning ALM websites including Law.com and GlobeSt.com.
Already have an account? Sign In
© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
Rhys Dipshan
CT-born, New York-based legal tech reporter covering everything from in-house technology disruption to privacy trends, blockchain, AI, cybersecurity, and ghosts-in-the-machine. Continually waiting for law to catch up with tech. (It's like waiting for Godot, but without the clowns)
