Employees, C-level & IT staff behind more than half of ASEAN data leaks
Top-level executives and employees may be to blame for more than half of data leakages in ASEAN countries, and only 44% are the result of external attacks, according to recent research from InfoWatch.
56% of data leakages involved Executives, employees, IT administrators and other authorized personnel – only slightly lower than the global statistics of 60%. 43.9% of attacks were caused by external attacks, compared with 38.2% globally.
Much of the leaked data in Southeast Asia, South Korea, India and Bangladesh comprised personal data (76.9%) and trade secrets (15.4%), as well as state secrets (2.6%) and payment details (5.1%). Globally, personal data accounts for 62.3% of all leaked data and trade secrets account for 31%.
“Billing information leaks happen much more seldom than in the rest of the world,” the report states.
Employees in Southeast Asia were responsible for 48.8% of leaks; followed by external intruders (41.9%) and C-level executives (2.1%). Even IT staff account for 2.3% of all leaks, the report says.
InfoWatch Group chief international business development officer Vladimir Shutemov says, “It is a disturbing sign to see that a relatively high percentage of leaks stem from top managers and system administrators who fall into the category of ‘privileged users’.”
Although Southeast Asia and other Asian countries are improving security, there’s room for improvement, Shutenov says.
“In line with global trends, Southeast Asia and other Asian countries are striving to improve cybersecurity. Their governments have toughened up personal data laws, while enterprises more and more often use information security tools against external and internal intruders. But more needs to be done as technology advances and the intruders become,” he explains.
The report also found that network applications such as web browsers and the cloud are the main forms in which data is leaked. In ASEAN, they were responsible for 73.8% of leakages, more than 10% higher than the global figure of 61.5%.
ASEAN countries also lost data in many other categories including instant messaging (7.1%), theft/equipment loss (7.1%), printed documents (4.8%), email (4.8%) and mobile devices (2.4%). Globally, email was the second most common category for data loss, accounting for 23.1%.
The government and military sector also saw 43.2% of leakages originating from government and military agencies, far higher than the global average of 13.1%.
Trade (15.9%) and high technology organisations (11.4%) were also common areas for data leakages in Southeast Asia and worldwide.
The research focused on leaks reported from commercial, non-commercial and government organisations between July 2016 and July 2017.