Driving home the divide between malice and carelessness in data breaches, Verizon Business issued a new report examining four industries where data breaches have occurred: technology, finance, retail and the food/beverage industries. It found that financial services and tech companies face a greater threat from insider-driven data breaches than the other two.
This supplemental report adds to Verizon’s June 2008 data breach report, which turned heads for its direct, post-forensic examination of compromised records in more than 500 known incidents. The highlights of the first report included metrics that found the preponderance of threats came from external sources, but that insider threats resulted in a much higher percentage of compromised records.
In the supplement, Verizon found that the majority of insider breaches came in the tech (39 percent) and finance (38 percent) industries than food and retail businesses—which stands to reason, Verizon notes, since the tech and finance industries generally host and manage payments, transaction and data services for the latter pair. “It stands to reason that organizations in [the tech] industry likely employ a high percentage of tech-savvy staff and grant them high levels of access to numerous systems,” the new report notes. “Unfortunately, some find that access to sensitive and valuable resources is a temptation too hard to resist. Facing similar temptations, insiders in the [f]inancial [s]ervices industry were behind a large proportion of breaches as well.”