For companies that have critical information assets such as customer data, intellectual property, trade secrets, and proprietary corporate data, the risk of a data breach is now higher than ever before. In fact, more electronic records were breached in 2008 than in the previous four years combined.
This growth in data breaches should come as no surprise. In a world where data is everywhere, it has become harder than ever for organizations to protect their confidential information. Complex, heterogeneous IT environments make data protection and threat response very difficult. Yet today's businesses depend on their security teams to ensure that collaboration and sharing by an increasingly mobile workforce remains safe and secure.
While the continuing onslaught of data breaches is well documented, what is far less understood is why data breaches happen and what can be done to prevent them. This paper examines the three most common causes of data breaches—well-meaning insiders, targeted attacks from outside the organization, and malicious insiders-- and then illustrates each cause to show that breaches can occur in. It also offers a broad perspective on what can be done to stop data breaches, as well as specific recommendations for preventive action.