LONDON, June 26 — As businesses spend billions of dollars a year trying to protect their data from hacking that’s costing trillions, they face another threat closer to home: Data theft by their own employees.
That’s one of the findings in a survey to be published by management consultant Accenture Plc and HfS Research tomorrow.
Of 208 organisations surveyed, 69 per cent “experienced an attempted or realised data theft or corruption by corporate insiders” over the past 12 months, the survey found, compared to 57 per cent that experienced similar risks from external sources. Media and technology firms, and enterprises in the Asia-Pacific region reported the highest rates — 77 per cent and 80 per cent, respectively.
“Everyone’s always known that part of designing security starts with thinking that your employees could be a risk but I don’t think anyone could have said it was quite that high,” Omar Abbosh, Accenture chief strategy officer, said in an interview in Tel Aviv, where he announced Accenture’s purchase of Maglan Information Defence & Intelligence Group, an Israeli security company.
Each year, businesses currently spend an estimated US$84 billion (RM343.9 billion) to defend against data theft that costs them about US$2 trillion — damage that could rise to US$90 trillion a year by 2030 if current trends continue, Abbosh forecast. He recommended that corporations change their approach to cybersecurity by cooperating with competitors to develop joint strategies to outwit increasingly sophisticated cyber-criminals.
“There’s a huge business rationale to share and collaborate,” he said. “If one bank is fundamentally breached in a way that collapses its trust with its customer base, I could be happy and say they’re all going to come to me, but that’s a false comfort” because “it pollutes the whole sphere of customers because it makes everyone fearful,” he said.
Despite recent high-profile data breaches of Sony Corp, Target Corp and the US Office of Personnel Management, many corporations do not yet consider cybersecurity a top business priority, Accenture found. Seventy per cent of the survey’s respondents said they lacked adequate funding for technology, training or personnel needed to maintain their company’s cybersecurity, while 36 per cent said their management considers cybersecurity “an unnecessary cost.” — Bernama