sb-as logo
Story image

Employee errors 'the most significant threat to personal data' - report

08 Apr 2020

The cyber threats posed to employees working from home in light of COVID-19 restrictions around the world are well-known – heightened vulnerability to coronavirus-related phishing has been reported on extensively.

But according to a report released today by nCipher Security, employees actions and mistakes are increasingly being recorded as one of the most significant risks to an organisation’s security posture.

This year’s Global Encryption Trends Study surveyed 6,457 IT professionals across multiple industry sectors in 17 countries/regions.

The report was completed in collaboration with the Ponemon Institute and captures how organisations around the world are dealing with compliance, increased threats, and the implementation of encryption to protect their business-critical information and applications.

The study indicates that employee mistakes are cited to be the most significant threat to sensitive data, with 54% of respondents rating it accordingly.

This significantly outweighs concerns over attacks by hackers (29%), or malicious insiders (20%).  

In contrast, government eavesdropping (11%) and lawful data requests (12%) are seen as least significant threats, according to the nCipher report.

67% of respondents cited the proliferation of data as their number one challenge, and this is set to intensify with more people using data at home and increased use of cloud storage for remote working, according to nCipher.

54% of respondents say protecting customer personal information has become the top driver for deploying encryption for the first time.

The highest prevalence of organisations with an enterprise encryption strategy is in Germany (66%) followed by the United States (66%), Sweden (62%) and Hong Kong (60%) Netherlands (56%), and the United Kingdom (54%).

54% of respondents cite payment-related data is the most likely type of data to be encrypted in the organization.

The study indicates that 48% of organisations have adopted encryption strategies across their enterprises, up from 45% in 2019. 

In the near term, 60% of organisations plan to use blockchain, with cryptocurrency/wallets (62%), asset transactions (53%), identity (47%), supply chain (49%) and smart contracts (36%) cited at the top use cases.

The manufacturing industry is seeing the most significant increase in extensive encryption usage, according to the report.

49% of respondents from a manufacturing organisation, 44% from hospitality and 43% from the consumer product sector have enterprise-wide encryption strategies in place.

This is in comparison to an 8-year average of 30%, 32% and 29% respectively.

The report comes a month after nCipher announced its partnership with DNA Connect with the aim to distribute its data protections and cybersecurity solutions across Australia and New Zealand. 

In its announcement, nCipher revealed 51% of Australian organisations have an overall encryption plan or strategy that is applied consistently across the entire enterprise, according to a 2019 encryption trends report.

It also revealed that Australia has the third-highest prevalence of enterprise encryption strategies of the surveyed countries, behind Germany and the United States.

Story image
Why answering the question of orchestration vs automation will improve your security effectiveness
Organisations are looking to improve their security operations effectiveness, efficiency, and staff satisfaction, with security, orchestration, automation and response (SOAR) fast becoming a trending approach. More
Link image
True SASE. True zero trust. True cloud.
Secure Access Service Edge (SASE) is the new way of unifying security. Use the combined power of threat protection and data loss prevention to protect data, users, and systems safe when people are now working from almost anywhere.More
Download image
451 Research: The new shape of the enterprise network
In this new world, distance has become the silent digital business killer. Latency looms large, especially for high-performance edge applications, IoT and 5G use cases. More
Story image
Network intelligence is stopping a wave of DDoS misdiagnosis
Security teams already know the value of a layered defence; it’s time to add more layers, writes ThousandEyes principal solutions analyst Mike Hicks.More
Story image
Interview: ThreatQuotient champions threat intelligence through virtual 'situation rooms'
To understand what it involves and some of the collaboration challenges that come with distributing threat intelligence amongst specialised security teams, we spoke to ThreatQuotient APJC regional director Anthony Stitt.More
Story image
42% more plaintext HTTP servers than HTTPS counterparts - report
Rapid7 has released a report detailing the changing internet risk landscapes of 2020, and other issues facing cybersecurity teams.More