"Email is The Riskiest Channel For Data Security"

New research from Tessian and the Ponemon Institute reveals that nearly 60% of organizations experienced data loss or exfiltration caused by an employee mistake on email in the last 12 months.   More than half (67%) of IT security practitioners said email was the riskiest channel for data loss in organizations.  This was closely followed by cloud file-sharing services (62%) and instant messaging platforms (57%).  The researchers surveyed 614 IT security practitioners around the globe.  During their research, the researchers also found that employee negligence by not following policies was the leading cause of data loss incidents (40%).  More than a quarter (27%) of data loss incidents are caused by malicious insiders.  The researchers noted that it takes up to three days for security and risk management teams to detect and remediate a data loss and exfiltration incident caused by a malicious insider on email.  Almost a quarter (23%) of organizations experience up to 30 security incidents involving employees’ use of email every month (for example, an email was sent to an unintended recipient).  The most common types of confidential and sensitive information lost or intentionally stolen include customer information (61%), intellectual property (56%), and consumer information (47%).  The researchers found that user-created data (sensitive email content, text files, M&A documents), regulated data (credit card data, Social Security numbers, national ID numbers, employee data), and intellectual property were identified as the three types of data that are most difficult to protect from data loss. 

Help Net Security reports: "Email is The Riskiest Channel For Data Security"