Human error main contributor to data loss over technical failures: Study
Data loss is a critical issue for organisations across industries due to its potential to result in severe consequences. Recently, Proofpoint, a cybersecurity and compliance firm unveiled that data loss primarily arises from the interplay between human actions and technology—instances are more frequently attributed to "careless users" rather than compromised or misconfigured systems.
“Data loss primarily stems from human error,” said Jennifer Cheng, director, cybersecurity strategy, Asia Pacific and Japan, Proofpoint. “As such, it’s no surprise that a significant portion of alerts are triggered by careless users. Yet, incidents originating from malicious or compromised individuals tend to inflict more substantial damage on businesses. While organisations in Singapore are making considerable efforts towards data loss prevention, they often fail to address the issue in its entirety.”
The 2024 Data Loss Landscape report scrutinises third-party survey responses from 600 security professionals employed by organisations with 1,000 or more employees spanning 17 industries across 12 countries, Singapore included.
These survey findings were complemented by data from Proofpoint's Information Protection platform and Tessian, acquired by Proofpoint last October, to provide a comprehensive perspective on the magnitude of data loss and insider threats confronting organisations.
“This research illuminates the most critical aspect of the data loss problem: its human causes,” said Ryan Kalember, chief strategy officer, Proofpoint. “Careless, compromised, and malicious users are and will continue to be responsible for the vast majority of incidents, all while GenAI tools are absorbing common tasks—and gaining access to confidential data in the process. Organisations need to rethink their DLP strategies to address the underlying cause of data loss—people’s actions—so they can detect, investigate, and respond to threats across all channels their employees are using including cloud, endpoint, email, and web.”
Key findings specific to Singapore reveal the following insights:
- Data loss incidents are prevalent but preventable: Organisations in Singapore encountered an average of 13 data loss incidents per year, with 68% attributing these incidents to careless users. Preventable behaviours such as misdirecting emails, visiting phishing sites, and unauthorised software installations were identified as leading causes. Implementing DLP policy rules for email, web uploads, and other common data exfiltration methods could mitigate these risks effectively.
- Malicious actions have costly consequences: Approximately 33% of respondents in Singapore reported malicious insiders, including employees and contractors, as responsible for data loss incidents. Such actions can result in more significant implications than those caused by careless insiders due to personal motivations for personal gain or to harm the organisation.
- Departing employees pose a significant risk: Departing employees, even if not acting maliciously, can pose a risk by leaving with organisational information they feel entitled to take. Global data indicates that 87% of anomalous file exfiltration among cloud tenants stemmed from departing employees, highlighting the need for preventative strategies such as security reviews for this user category.
- Privileged users are high-risk: Seventy-four per cent of respondents in Singapore identified employees with access to sensitive data as the greatest risk for data loss. Additionally, global data showed that a mere 1% of users were responsible for 88% of data loss events. Employing practices like data classification and monitoring individuals with access to sensitive data or admin privileges are crucial.
- Maturing data loss prevention programs: Over 50% of survey participants in Singapore cited protecting customer and employee privacy as the primary driver for implementing DLP programs, alongside safeguarding intellectual property.
Global findings highlighted in the report include:
- Misdirected emails are significant sources of data loss: About one-third of employees worldwide sent one or two emails to the wrong recipient, resulting in potential GDPR violations and other legal implications.
- Growing concern over generative AI: Tools like ChatGPT and Grammarly are increasingly utilised, posing risks as more users input sensitive data into these applications. "Browsing gen AI sites" has become a top alert rule for DLP and insider threat incidents.
- In response to these findings, experts emphasize the importance of regularly reviewing DLP programs and leveraging purpose-built DLP platforms to address human-centric data loss scenarios effectively.