• by Ray Schultz , February 19, 2020

IT professionals apparently go home at night with one worry on their minds: Inside data breaches.

A full 97% say insider breaches are a major fear, according to a study by Opinion Matters commissioned by security firm Egress.

In addition, 78% think employees have accidentally put data at risk in the last 12 months. And 75% believe employees have put data at risk intentionally.

However, 58% say employee reporting is more likely than breach detection systems to alert them to insider breaches.

Only 50% of IT leaders say are using anti-virus software to combat phishing attacks, and 48% are using email encryption and 47% provide secure collaboration tools.

The possible damages include financial loss, according to 41%, in part because of privacy regulations of more stringent data privacy regulations like the California Consumer Privacy Act.

Some problems result from employee misconceptions about data ownership.

Of the employees polled, 29% say they or a colleague had intentionally shared data in the past year—against company policy.  

In addition, 46% believe they or a colleague had broken company policy when they took data with them to a new job. And 26%) agree they took a risk when sharing data because they weren’t provided with the right security tools. 

Directors are the most likely to take data to a new job — 68% of those who had intentionally broken company policy had done so, versus the overall average o 46%. 

“While they acknowledge the sustained risk of insider data breaches, bizarrely IT leaders have not adopted new strategies or technologies to mitigate the risk,” states Egress CEO Tony Pepper.

Pepper adds: “Effectively, they are adopting a risk posture in which at least one-third of employees putting data at risk is deemed acceptable." 

Opinion Matters surveyed over 500 IT leaders and 5,000 employees in the UK, U.S. and Benelux countries.