We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

35% of firms have had sensitive data passed to competitors

More than a third believe employees were the source of the leak

More than a third (35 percent) of companies believe that their sensitive information has been given to competitors, says Cyber-Ark.

The 'Trust, Security and Passwords' survey by the firm, which offers digital vault software, revealed that 37 percent of IT professionals believed former employees were the mostly likely source of this loss.

However, human error followed second, with 28 percent of respondents saying this was the most likely cause, followed by 10 percent who believed that it was a result of an external hack, and 10 percent who cited the loss of a mobile device or laptop.

The survey also found that the most popular sensitive information to be shared with competitors was the customer database (26 percent) and R&D plans (13 percent).

Cyber-Ark suggested that to address the vulnerabilities related to human error, companies need to deploy additional layers of control on sensitive data.

In addition, Cyber-Ark's survey found that IT professionals are increasingly using their privileges to access sensitive or confidential information. A total 41 percent of respondents admitted to abusing administrative passwords to do so, an increase from 33 percent in 2008 and 2009.

Furthermore, 67 percent of respondents admitted to having accessed information that was not relevant to their role, and the IT department was identified as the biggest culprit, with 54 percent saying that IT staff were most likely to snoop, with HR coming second at 11 percent.

Preference for the type of data that IT staff snooped on varied depending on geography, with 30 percent of UK respondents accessing HR records first, compared to 28 percent of US respondents, and 38 percent of US respondents choosing to sneakily access the customer database first, compared to just 16 percent of UK respondents.

However, firms are making it harder for IT staff to gain unauthorised access to sensitive data. The number of respondents who said they could circumvent their company's access controls had fallen from 77 percent in 2009 to 61 percent this year.

Despite this, insider sabotage had increased from 20 percent last year to 27 percent this year. And although 88 percent of IT professionals believed that their use of privileged accounts should be monitored, only 70 percent of firms try to do so.

Adam Bosnian, Cyber-Ark's executive vice-president of Americas and corporate development, said: "While we understand that human nature and the desire to snoop may never be something we can totally control, we should take heart that fewer are finding it easy to do so".

"It is the organisation's obligation to protect its sensitive information and intellectual property."

See also: Study says poor passwords hurt security for all


IDG UK Sites

Best Black Friday 2014 tech deals: Get bargains on smartphones, tablets, laptops and more

IDG UK Sites

What the Internet of Things will look like in 2015: homes will get smarter, people might get fitter

IDG UK Sites

See how Trunk's animated ad helped Ade Edmondson plug The Car Buying Service

IDG UK Sites

Yosemite tips: Complete Guide to OS X Yosemite