SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Story image
Employee errors 'the most significant threat to personal data' - report
Wed, 8th Apr 2020
FYI, this story is more than a year old

The cyber threats posed to employees working from home in light of COVID-19 restrictions around the world are well-known – heightened vulnerability to coronavirus-related phishing has been reported on extensively.

But according to a report released today by nCipher Security, employees actions and mistakes are increasingly being recorded as one of the most significant risks to an organisation's security posture.

This year's Global Encryption Trends Study surveyed 6,457 IT professionals across multiple industry sectors in 17 countries/regions.

The report was completed in collaboration with the Ponemon Institute and captures how organisations around the world are dealing with compliance, increased threats, and the implementation of encryption to protect their business-critical information and applications.

The study indicates that employee mistakes are cited to be the most significant threat to sensitive data, with 54% of respondents rating it accordingly.

This significantly outweighs concerns over attacks by hackers (29%), or malicious insiders (20%).

In contrast, government eavesdropping (11%) and lawful data requests (12%) are seen as least significant threats, according to the nCipher report.

67% of respondents cited the proliferation of data as their number one challenge, and this is set to intensify with more people using data at home and increased use of cloud storage for remote working, according to nCipher.

54% of respondents say protecting customer personal information has become the top driver for deploying encryption for the first time.

The highest prevalence of organisations with an enterprise encryption strategy is in Germany (66%) followed by the United States (66%), Sweden (62%) and Hong Kong (60%) Netherlands (56%), and the United Kingdom (54%).

54% of respondents cite payment-related data is the most likely type of data to be encrypted in the organization.

The study indicates that 48% of organisations have adopted encryption strategies across their enterprises, up from 45% in 2019.

In the near term, 60% of organisations plan to use blockchain, with cryptocurrency/wallets (62%), asset transactions (53%), identity (47%), supply chain (49%) and smart contracts (36%) cited at the top use cases.

The manufacturing industry is seeing the most significant increase in extensive encryption usage, according to the report.

49% of respondents from a manufacturing organisation, 44% from hospitality and 43% from the consumer product sector have enterprise-wide encryption strategies in place.

This is in comparison to an 8-year average of 30%, 32% and 29% respectively.

The report comes a month after nCipher announced its partnership with DNA Connect with the aim to distribute its data protections and cybersecurity solutions across Australia and New Zealand.

In its announcement, nCipher revealed 51% of Australian organisations have an overall encryption plan or strategy that is applied consistently across the entire enterprise, according to a 2019 encryption trends report.

It also revealed that Australia has the third-highest prevalence of enterprise encryption strategies of the surveyed countries, behind Germany and the United States.