COVID-19 causing error
On 25th May 2020, the Information Commissioner’s Office (ICO) “attributed 337 data breaches in the fourth quarter of 2019 to the perennial issue of data being “emailed to incorrect recipient”.” [1] When we break this down, it equates to around five or more emails being sent to the wrong person every day suggesting a huge problem with IT processes in general.
The current situation surrounding Covid-19 means a great deal of people are now working from home, when possible, and this has created on average a “23 percent rise in email usage as organisations rely even more heavily on it as a critical business communication tool.”[2] It has been suggested that, “While organisations often focus on how [emails] can be exploited for inbound attacks like phishing, ‘inadvertent insiders’ making mistakes are a far greater risk.[3]
A common problem
Email security provider Egress published a survey titled, Current Status of Data Privacy Compliance. The results of this survey highlighted that “around 44 percent of employees admit that they’ve mistakenly exposed personally identifiable information (PII) or business-sensitive information using their corporate email accounts.”[4] What needs to be concentrated on here are companies’ policies and training of staff to ensure simple mistakes, which have a huge impact, are not happening.
In order to do so, organisations must give their employees easy-to-use tools. However, you also “have to recognize that no matter how much training you do, you can’t solve for every problem with human beings in the chain”.[5] A worrying point that must be made is that the figures mentioned above, are only those that have been reported to the ICO. A number of breaches will remain covered due to companies’ own disregard and also the lack of knowledge of those people affected.
__________________________
[1] https://www.cbronline.com/news/biggest-cause-of-data-breaches
[2] https://www.cbronline.com/news/biggest-cause-of-data-breaches
[3] Tony Pepper, CEO of Egress
[4] https://www.cisomag.com/corporate-email-is-a-root-for-accidental-data-breaches-survey/
[5] https://www.modernhealthcare.com/article/20171212/NEWS/171219976/email-is-the-biggest-source-of-data-breaches