sb-as logo
Story image

Employees, C-level & IT staff behind more than half of ASEAN data leaks

24 Oct 2017

Top-level executives and employees may be to blame for more than half of data leakages in ASEAN countries, and only 44% are the result of external attacks, according to recent research from InfoWatch.

56% of data leakages involved Executives, employees, IT administrators and other authorized personnel – only slightly lower than the global statistics of 60%. 43.9% of attacks were caused by external attacks, compared with 38.2% globally.

Much of the leaked data in Southeast Asia, South Korea, India and Bangladesh comprised personal data (76.9%) and trade secrets (15.4%), as well as state secrets (2.6%) and payment details (5.1%). Globally, personal data accounts for 62.3% of all leaked data and trade secrets account for 31%.

“Billing information leaks happen much more seldom than in the rest of the world,” the report states.

Employees in Southeast Asia were responsible for 48.8% of leaks; followed by external intruders (41.9%) and C-level executives (2.1%). Even IT staff account for 2.3% of all leaks, the report says.

InfoWatch Group chief international business development officer Vladimir Shutemov says, “It is a disturbing sign to see that a relatively high percentage of leaks stem from top managers and system administrators who fall into the category of ‘privileged users’.” 

Although Southeast Asia and other Asian countries are improving security, there’s room for improvement, Shutenov says.

“In line with global trends, Southeast Asia and other Asian countries are striving to improve cybersecurity. Their governments have toughened up personal data laws, while enterprises more and more often use information security tools against external and internal intruders. But more needs to be done as technology advances and the intruders become,” he explains.

The report also found that network applications such as web browsers and the cloud are the main forms in which data is leaked. In ASEAN, they were responsible for 73.8% of leakages, more than 10% higher than the global figure of 61.5%.

ASEAN countries also lost data in many other categories including instant messaging (7.1%), theft/equipment loss (7.1%), printed documents (4.8%), email (4.8%) and mobile devices (2.4%). Globally, email was the second most common category for data loss, accounting for 23.1%.

The government and military sector also saw 43.2% of leakages originating from government and military agencies, far higher than the global average of 13.1%.

Trade (15.9%) and high technology organisations (11.4%) were also common areas for data leakages in Southeast Asia and worldwide.

The research focused on leaks reported from commercial, non-commercial and government organisations between July 2016 and July 2017.

Link image
Webinar: Best practices for keeping your video chats secure
Video collaboration providers nowadays operate exclusively on a multi-tenant, public cloud - and security and privacy concerns have come into the spotlight. Here's how to secure your communications.More
Story image
APAC organisations struggle to find balance between digital adoption and cybersecurity
Organisations in the Asia Pacific (APAC) region are significantly concerned about security threats, but nevertheless are looking to advance operations through digital adoption.More
Story image
Malware and email scams targeting employees spread rapidly in Q2
"Businesses must stay alert and should employ defense-in-depth tactics and equip themselves with multilayered security mechanisms, including high-sensor spam filters and a VPN connection, which would prevent malicious pages from opening."More
Story image
Proofpoint launches new SMB focused security awareness training
Proofpoint has launched security awareness training for small to medium businesses (SMBs) with the aim of reducing successful phishing attacks and malware infections to almost zero. More
Story image
Is cyber deception the latest SOC 'game changer'?
Cyber deception reduces data breach costs by more than 51% and Security Operations Centre (SOC) inefficiencies by 32%, according to a new research report by Attivo Networks and Kevin Fiscus of Deceptive Defense.More
Story image
Kaspersky releases new report on consumer’s approach to digital services
COVID-19 related restrictions and the necessity to stay indoors has influenced the way people approach digital services, making them more aware of how securely both they, and their housemates, use the internet.More