Outsiders report breaches to ICO

IT leaders say almost a third of breaches reported to ICO are by outsiders according to further findings from the leading manufacturer of software-free, 256-bit AES XTS hardware-encrypted USB drives, Apricorn’s (www.apricorn.com) annual research into cyber breaches, encryption and data security.

According to the findings 32% of surveyed UK security decision makers have revealed that their organization has been reported by someone else to the ICO for a data breach/potential breach since GDPR came into effect.

Previously, the number of organizations being reported from outside the organization had seen a decline from 10% in 2021, down to 4% in 2022.  However, 2023 has seen a huge increase of 32% indicating that although people have greater awareness in recognizing the signs of a data breach and the importance of reporting them, there does appear to be a lack of awareness or due process happening internally within organizations.

“Not all breaches are reportable, but likely recordable.  The fact these breaches have been reported from outside the organisation may indicate that internal teams are not as aware as they should be of transgressions.  But equally, if those doing the reporting simply work externally, this could reveal some confusion over how the breach should be reported and indicates the opposite – that staff are becoming more vigilant,” says Jon Fielding, Managing Director, EMEA Apricorn.

“That said, 40% of breaches/potential breaches were reported to the ICO by someone within the organization, again highlighting increased awareness around the importance of disclosure and speedy remediation when complying with regulations such as GDPR and in order to avoid the punitive fines that can come from non-compliance.”

Apricorn’s findings also revealed that almost 50% (48%) of surveyed IT decision makers say mobile/remote workers knowingly put corporate data at risk of a breach, and 51% of organizations expect them to expose the business to the risk of a breach.  In addition, the survey found that 24% believe mobile/remote working makes it harder to comply with GDPR which could also explain the increase in breaches being reported as more employees work on a remote basis.

Whilst almost a quarter (24%) of breaches resulted from ransomware attacks, insider threats appear to be the biggest threat with 40% citing these (22% unintentional and 20% intentional) as the main cause of a data breach within their organization.  Other user-related threats ranking highly were; phishing emails (21%) and lost/stolen devices containing sensitive corporate information (18%).  

“It seems the education is lacking when it comes to protecting against a breach, but employees are well practiced in how to report them.  Businesses need to think carefully about the former and be prepared for the when, and not the if,” says Fielding.  “But the fact that almost double the number of breaches were caused by insiders as opposed to phishing attacks is startling given that phishing is widely regarded as the number one threat by many.  What this tells us is that businesses should be looking to reinforce a culture of security and ensure data is always protected and at all costs!”