Insider data breaches were the top cause of data and cybersecurity incidents reported in the first quarter of 2021, according to the ICO. 57% of reported incidents were caused by insiders, with over 1,000 incidents reported in the first three months of 2021.
Misdirected email was behind most of the incidents, with over 400 reports. Phishing was the second-biggest named cause, with over 200 incidents caused by employees falling for malicious emails.
Healthcare reporting over 420 incidents caused by insiders
For the fourth quarter running, healthcare was the hardest hit, with over 420 reported incidents in just three months, while financial services was the industry targeted with the most phishing attacks.
Comment from Tony Pepper, CEO of Egress: “Insider risk is every organization’s most complex security vulnerability, and the ICO’s latest report drives home the true scale of the problem. From misdirected emails to employees falling for phishing attacks, organizations are losing a staggering amount of data through their people.
“With many organizations aware of only a fraction of these incidents, the true cost of insider data breaches may be much higher than what we’re seeing here.
The technology exists to solve this problem – it’s now up to organizations to ensure that they’re taking the right steps to ensure that their human layer is protected.”