Most data breaches today do not occur due to flawed code or hackers breaking into a system – they happen as a result of employee error.
This is according to a new report from Egress, which claims that four in five organizations have seen sensitive data compromised as a result of information delivered to the wrong person via email.
Polling 538 senior IT, IT security and information security leaders, the company found that 16 percent of businesses don’t have a failsafe in place to protect against email incidents of this kind.
The report states that 93 percent of businesses also reported an increase in outgoing emails, with half of respondents identifying an increase of more than 50 percent. The rise came as a result of the remote working explosion, which has expanded the surface area for risk.
In most cases, employees send sensitive data to the wrong address when they’re stressed or overworked. Pair that with an increasing number of emails sent and you get a higher likelihood of compromise.
A third of “severe” incidents in the last year happened while an employee was working remotely.
“Data breaches as a result of outbound email are often overlooked and underreported, meaning businesses and people aren’t aware of the true scale of the problem,” reads the report.
“In fact, the ICO recently reported misdirected emails are the number one cause of categorized incidents reported, and responsible for 44 percent more incidents than phishing attacks.”