The table discussed in this post is found on page 11 of the Verizon 2010 Data Breach Investigations Report.
According to the table, the highest percentage of data breaches occurs in to 1,001 to 10,000 employee firm. The report makes a key point of noting that it’s possible and logical that organizational size has little affect on the possibility of suffering a data breach. The probability of a breach is more correlated with the value of information in a firm rather than the number of employees. Surprisingly, firms with over 100,000 employees have the lowest percentage of data breaches. I infer that these massive corporations put an incredible amount of resources into data loss prevention, maintenance and corporate technology policies that drive the low data breach rates. Similarly, a smaller, 1-10 employee firm with little valuable data does not have the need or resources for an expensive data loss prevention strategy. The conclusion is, as the report states, the size of the organization has a minor impact on the rate of data breaches. The real driver of data leakage is the type of information stored within the network. If your organization has valuable information, it is prudent to develop a secure Data Loss Prevention Strategy.
Great article highlighting the need for everyone to have a much higher computer/data security awareness. Check some reinforcing content at the blog, "The Business-Technology Weave" (can Google to it) - it reflects what this article is saying. The majority of breaches are due to human error, therefore awareness and common sense are key, in supporting all necessary best practices. The blog author also has a book we use at work, "I.T. WARS" (you can Google that too). It has a great Security chapter, and others that treat security. Highly recommended. Great stuff.
ReplyDelete