Shred-it Study Finds U.S. Business' Information Security Plagued by Human Error, Insider Threats, and Deliberate Sabotage - AutoSuccessOnline

Shred-it Study Finds U.S. Business’ Information Security Plagued by Human Error, Insider Threats, and Deliberate Sabotage

While the result of a data breach can have a variety of consequences on U.S. businesses, one of the most important factors is that a breach has an immediate effect on employee trust in an organization.

Shred-it’s 2019 Data Protection Report reveals more than half of all large U.S. businesses who suffered a breach say it was a result of external vendor errors.

Lake Forest, IL – With the incidence of reported data breaches on the rise, more than half of all C-suite executives (C-Suites) (53%) and nearly three in 10 Small Business Owners (SBOs) (28%) who suffered a breach reveal that human error or accidental loss by an external vendor/source was the cause of the data breach. That is according to Shred-it’s Ninth Annual Data Protection Report (formerly known as “The Security Tracker: State of the Industry Report”), which exposes information and data security risks currently threatening U.S. enterprises and small businesses and includes findings from a survey conducted by Ipsos.

When assessing additional causes of data breaches, the report found that nearly half of all C-Suites (47%) and one in three SBOs (31%) say human error or accidental loss by an employee/insider was the cause. What’s more, one in five C-Suites (21%) and nearly one in three SBOs (28%) admit deliberate theft or sabotage by an employee/insider was the cause of the data breach, compared to two in five C-Suites (43%) and one in three SBOs (31%) who say deliberate theft or sabotage by an external vendor/source caused their organization to suffer a data breach.

“For the second consecutive year, employee negligence and collaboration with external vendors continues to threaten the information security of U.S. businesses,” said Ann Nickolas, Senior Vice President, Stericycle, the provider of Shred-it information security solutions. “New to this year however, is that the report revealed how deliberate sabotage by both employees and external partners are very real risks organizations face today. The consequences of a data breach are extensive and are not limited to legal, financial and reputational damage. As the report showed, data breaches can affect employee retention too.”

While the result of a data breach can have a variety of consequences on U.S. businesses, one of the most important factors is that a breach has an immediate effect on employee trust in an organization. In fact, one-third (33%) of the U.S. workforce say they would likely look for a new job if their employer suffered a breach of customer (31%) or employee data (35%). What’s more, while nearly half of all consumers (47%) would wait to see how a business reacts to a data breach they’ve suffered before making up their mind about what to do, nearly one in four consumers (23%) would stop doing business with the company and nearly one-third (31%) would tell others about the breach.

Additional findings from the report include:

Lack of training leaves employees unaware of information security policies and procedures.

  • When asked if their organization has a known and understood policy for storing and disposing of confidential paper documents, one in five (21%) of C-Suites admit they have a policy but that not all employees are aware of it and more than one in 10 (12%) of SBOs said the same.
  • Three in 10 (30%) of SBOs admit that no policy exists for storing and disposing of confidential paper documents.
  • When it comes to understanding policies for storing and disposing of end-of-life electronic devices, one in five C-Suites (21%) and SBOs (12%) say they have a policy, but not all employees are aware of it. Four in 10 (42%) SBOs say no policy exists in their organization.

U.S. businesses acknowledge remote work is important to employees, but worries of a data breach grow.

  • 94% of C-Suites and 79% of SBOs agree with the statement that they believe the option to work remotely is going to become increasingly important to their employees in the next 5 years.
  • However, 88% of C-Suites and 69% of SBOs agree with the statement that the risk of a data breach is higher when their employees work off-site than it is when they work at the office.
  • One in six (16%) working Americans say their organization has suffered a data breach, at some point in the past.

Despite investments in digital security, U.S. businesses remain vulnerable due to lack of information and cyber security training.

  • Of the money their organization spends on data security, C-Suites say 59% is spent on digital security and 41% on physical document security, on average. SBOs say 56% is spent on digital security and 44% on physical document security, on average.
  • One in 10 C-Suites (10%) and nearly one in 10 SBOs (9%) say they train their staff only once during their employment on their organization’s information security policies and procedures.
  • Although the majority of C-Suites (88%) regularly train employees on how to identify common cyber-attack tactics such as phishing, ransomware, or other malware (malicious software), however, only slightly more than half of SBOs (52%) say the same.
  • Around three in five (58%) working Americans have been targeted by phishing email or social engineering scams at work, of which eight percent (8%) claim to have been victimized by them.

Americans think their personal data and information is less secure than it was 10 years ago.

  • Consumer confidence in data security is low with more than half (60%) believing their personal data and information is less secure than it was 10 years ago.
  • With those concerns, it’s no surprise that 83% of consumers say digital data security is a top priority when choosing who to do business with.
  • Additionally, nearly seven in 10 consumers (66%) do not trust that all digital data breaches are properly disclosed to consumers and not kept secret.

Links:
Shred-it

You May Also Like

Proactive Dealer Solutions Achieves Multiple Compliances

Certification is part of the company’s mission to deliver exceptional service while maintaining a secure environment for all client data.

Proactive Dealer Solutions, a maker of automotive dealership training and advanced software solutions, announced that it has achieved System and Organization Controls (SOC), SOC 2, and GLBA compliance. This accomplishment marks a significant milestone in the company’s ongoing commitment to data security and privacy.

SOC and SOC 2 Compliance

U.S. Automobile Dealer Sentiment: Dealers Remain Pessimistic, Cautious

Cox economists note that dealer sentiment is likely worse than actual market conditions, stating that while profits are down from all-time highs, they still believe the dealer business is healthy.

Benchmark Data Suite Unveils Benchmark Alert System

This innovative system delivers real-time, actionable insights to enhance dealership performance and accountability.

Reynolds and Reynolds Donates $5 Million to Northwood University

The donation will help fund the construction of the new Center for Automotive & Mobility Studies at Northwood University.

Alan Jay Wildstein Donates $5 Million for Historic Project

The new facility at Northwood University will house a new Center for Automotive & Mobility Studies (CAMS).

Other Posts

Manheim Launches 4 Star Auto Auction in Alabama with TR Group

Manheim’s new fixed mobile site offers local dealers convenient access to needed inventory in Valley, Alabama.

FrogData Unveils Major AI Factory Upgrade

The upgrade aims to revolutionize automotive retail operations in used car pricing, service management, and negotiation strategies.

Babcox Media Appoints Tom Pecka as Director of Strategic Partnerships

Tom Pecka will lead the development of strategic media partnerships and sponsorships, enhancing media activations across diverse channels.

Reynolds and Reynolds, DealerOn Team Up

The partnership seeks to help dealers drive more engagement, increase conversions and speed up time to decision.