Study finds more data breaches are inside jobs – SFGate

Companies need to protect themselves both inside and out. According to a report by Verizon and the Secret Service, summarized in the article below, while external parties still pose the largest threat, 48 percent of security breaches originated from within the organization.

Organized cyber-criminals and malicious insiders were responsible for most corporate data breaches in 2009, and used tactics like credential abuse, hacking and sophisticated social engineering to get away with their heists, according to a new report by Verizon and the Secret Service.

In a first-of-its-kind collaboration, Verizon and the Secret Service confirmed 141 breach cases in 2009 that resulted in 143 million compromised records. With the addition of three years of Secret Service data, Verizon has now documented more than 900 data breaches over the last six years involving 900 million individual records.

“The chance to study a larger set of breaches is certainly something that we enjoyed,” said Wade Baker, director of research intelligence at Verizon Business. ”

Adding the Secret Service data contributed to give us a more accurate picture.

“The additional information revealed a much higher number of inside breaches than previous reports had shown, with 48 percent of breaches originating from inside a business or organization. However, external parties still posed a larger threat, having been involved in 70 percent of all cases 27 percent of the cases studied were plotted by a combination of agents, which accounts for overlaps.

via Study finds more data breaches are inside jobs – SFGate.

viaForensics has developed tools and services to help organizations protect themselves from both internal and external threats. But organizations needs to start taking actions proactively rather than waiting until the breach occurs.