
Insider breaches can cost more than $15 million

 

Data loss, exposure, leak and theft events initiated through privileged information obtained by malicious people or hackers increased by 28% in the last two years compared to 2021 and are already accumulating this year, according to Code42’s 2024 Data Exposure Report (DER), which highlights that a single event can cost a company up to US$15 million.

According to the report, the most common causes of the rise in insider-initiated incidents are cybersecurity skills gaps, ambiguous data regulations, and distributed work teams.

The study, which interviewed 700 respondents, including professionals (300), managers (200) and cybersecurity leaders (200) in the US, also indicated the exhaustion of cybersecurity teams, with respondents saying they spend an average of three hours a day investigating privileged information.

“In addition to financial, intellectual property, and time losses, data loss events are impacting employee morale, with nearly six in ten cybersecurity professionals saying their job satisfaction is negatively impacted by data loss and breach events caused by employees (64%), and a similar proportion believe they could lose their job due to an unresolved internal breach (62%),” said Joe Payne, president and CEO of Code42.

Most respondents said they feared inadvertently exposing sensitive data to competitors through generative AI tools.

The study found that since 2021, there has been an average 28% increase in monthly internal data exposure, loss, breach and theft events, and the majority (85%) of respondents believe the trend is likely to continue over the next 12 months.

Insider-driven data loss refers to information leaked by an employee, intentionally or unintentionally, that can be exploited by third parties.

While nearly all (99%) of respondents said their company has a data protection system in place, 78% of cybersecurity leaders admit they have had sensitive data breached, leaked or exposed in 2023. The findings also revealed that in the last 12 months, 55% of data exposure, loss, leakage and theft events motivated by privileged information were intentional, while 45% were unintentional.

Seventy-nine percent of respondents said their cybersecurity team faces skills shortages, leading their companies to turn to AI (83%), of which 92% relied on GenAI tools. This leads to possible insider threats. Additionally, 73% of respondents stated that data regulations are unclear, while others (68%) are not entirely confident that their company is complying with new data protection laws.

“Unclear guidelines can be generic or broad regulations that make it difficult to know which technologies and processes would make an organization compliant,” explained Payne. “Auditors and cybersecurity teams need to work together to meet compliance requirements in a way that aligns with your company’s needs.”

A large number (85%) of respondents believe that their companies’ sensitive data is increasingly vulnerable to new AI technologies. Eighty-seven percent of respondents expressed fear of inadvertently exposing sensitive data to competitors by feeding it into GenAI. An equal number of them are also concerned that their employees are not following GenAI policy.

“Employees across industries are using AI to streamline their workflows, automate repetitive tasks and make data-driven decisions,” said Payne. “Any sensitive or confidential data that employees share with these tools is beyond employers’ control and can put compliance obligations and intellectual property protections at risk.”

According to Payne, the three main factors contributing to insider-driven data losses are high data portability, multiple exfiltration channels available in most organizations, and a completely distributed workforce, including remote employees, who follow poor security practices, using Dropbox, personal Gmail, AirDrop, and many other forms of unauthorized and insecure sharing, leading to additional threats.

To have full control over internal data flow, he says companies need solutions that can monitor data movement across the cloud and AI tools, work across different platforms and system differences, and provide complete visibility into data sources, types and destinations.

 


Sources: CisoAdvisor, Code42
