One in five of all UK corporate data loss incidents reported in the first half of 2010 was caused by employees, according to KPMG.
The professional services provider’s Data Loss Barometer report found that the frequency of such ‘malicious insider’ incidents has increased from 4% in 2007 to 21% in 2010. It is now the single largest cause of data loss, the study says. Theft of PCs accounted for 15%, while theft or loss of portable media represented 10% of all incidents.
“The recession may have played its part in driving up the increase in malicious insider data loss incidences, as data becomes an increasingly valuable commodity,” commented Malcolm Marshall, head of the information security practice at KPMG in the UK. “The alternative is that, as organisations get wiser to the tactics of hackers, criminals may be tempting staff to pass on valuable information – hence the massive growth in the insider threat.”
Healthcare was the industry most susceptible to data loss incidents, suffering 25% of all reported cases. This was followed by government, with 19%, and education, with 14%.
KPMG’s report was not all bad news, however. The research showed that, year-on-year, the total volume of reported data loss incidents was down 25% compared with 2009.