Data Security: The Greatest Threat Is Internal

By Daniel J. Solove

Posted on October 21, 2013


A PC World article discusses a new study by Forrester that reveals that internal threats are the "leading cause" of data breaches. The survey involved companies in Canada, France, Germany, the UK, and the US. The study revealed that 36% of breaches involve "inadvertent misuse of data by employees."

According to the article, the study also indicated that "only 42 percent of the North American and European small and midsize business workforce surveyed had received training on how to remain secure at work, while only 57 percent say that they're even aware of their organization's current security policies." The article quotes Heidi Shey, the study's author, who says: "People don't know what they don't know. You've got to give them some kind of guidance and guard rails to work with."

I couldn't agree more. Data breaches are often not the result of technical deficiencies but of the human element. A person can so readily click on the wrong thing, place data in the wrong place, fail to properly dispose of data, improperly access data, or fall for a social engineering trick. All it takes is for one member of the workforce to slip up, and . . . bam . . . there's a data breach.

Data security is only partly technical -- it's a human behavior issue, and that's why education and awareness are so important.

The preceding is re-published on TAP with permission by its author, Professor Daniel Solove. “Data Security: The Greatest Threat Is Internal” was originally published October 15, 2013 on Professor Solove’s LinkedIn Commentary page. Professor Solove is among LinkedIn’s 150 top influential thought leaders.



About the Author

  • Daniel J. Solove
  • George Washington University
  • 2000 H St., NW
    Washington, DC 20052

Recent TAP Bloggers