Hackers Not the Only Causes of Data Breaches

GUEST BLOGGER

Zach Capers, CFE 
ACFE Research Specialist

In the past year, the number of reported data breaches has increased by nearly 30 percent, according to a report from the Identity Theft Resource Center. While recent headline-grabbing events such as last month’s record-setting Home Depot data breach might lead one to speculate that the majority of these breaches are the result of malicious data thieves, research indicates that a greater number are caused by employee negligence and system malfunctions. According to the Ponemon Institute’s most recent Cost of a Data Breach analysis, hackers accounted for 42 percent of all data breaches, whereas employee negligence and system defects combined for 59 percent.

As employees are increasingly able to access and transmit company data between innumerable computing devices and various storage mediums, new avenues for data loss must be addressed. Unfortunately, business policies concerning emerging technological trends and other risks related to data security are often insufficient, outdated or simply ignored.

This predicament is exemplified at many organizations by the Bring Your Own Device (BYOD) movement of recent years. As the number of employees who depend on their personal devices to accomplish occupational tasks has increased, so too have the risks of potential data breaches resulting from these devices being unsecured, misused, or lost. Additionally, because the devices are owned by employees, the company has only limited control over how they are used. Consequently, the implementation of a formal and comprehensive BYOD policy is critical to alleviate increased data risks while also allowing organizations to realize the benefits of the BYOD craze. However, despite the pervasiveness of personal device use in the workplace, a recent TEKsystems report found that more than one-third of IT professionals surveyed reported a complete lack of communication regarding BYOD.

To address these and related concerns, the ACFE’s newest two-day seminar, Protecting Data and Intellectual Property, has been designed to provide a thorough understanding not only of BYOD, but also of other burgeoning data risks such as cloud computing, social media, social engineering and increasingly sophisticated corporate espionage techniques. Furthermore, the program provides anti-fraud professionals with a solid foundation concerning the key legal issues, prevention strategies and response plans critical to securing an organization’s data.

While high-profile hacker attacks understandably generate the most Internet clicks, sound data security policies and employee awareness can foster a more secure business environment that reduces opportunities for malicious data thieves.

Upcoming ACFE Courses in Vancouver, Shanghai, Jakarta and Melbourne

AUTHOR’S POST

Mandy Moody, CFE
ACFE Social Media Specialist

Every country has its Enron. Or, I guess I should say its Olympus, its HSBC, its Caterpillar. The list could go on and on. Financial schemes morph, and the numbers get manipulated this way and that, but a few things remain the same. A fraud is perpetrated. The whole truth isn’t told. And, in the end, money, along with integrity, is lost.

Luckily, just as fraud knows no boundaries or borders, neither do fraud prevention and detection. For every Bernie Madoff, there are a hundred anti-fraud professionals dedicated to stopping fraud before it happens, investigating it to recover losses or helping to serve justice and restore balance. With the task of righting the financial and white-collar wrongs of the world, fraud fighters need a variety of skills. From interviewing to risk management, the tools of a fraud examiner are varied and unique.

With the goal of serving those who fight fraud worldwide, we are excited to announce a few new 2013 locations for some of our most popular courses. Below is a list of where you can find ACFE seminars around the world in the coming months: