Top level executives among those responsible in data leakage in ASEAN

KUALA LUMPUR, Oct 13 : The negligence by top-level executives, IT administrators, employees and other authorised personnel that have access to sensitive and confidential data had contributed to a number of data leakage cases reported in Southeast Asia recently.

 

Dubbed as the most serious threat to data privacy in the region, about 56 percent of the incidents of compromised data caused by the aforementioned internal violators  while 44 percent of leakages were the result of external attacks and former employees, according to the latest research findings by cybersecurity and data leak prevention expert InfoWatch Group.

 

Its Chief International Business Development Officer Vladimir Shutemov in a statement said the research discovered that users with advanced permissions, either unwittingly or deliberately, caused the leakage because they were ‘unhappy’ with any attempt by  their organisations to control their personal computers, laptops and mobile phones.

 

“It is a disturbing sign to see that a relatively high percentage of leaks stemmed from top managers and system administrators who fall into the category of ‘privileged users’.

 

“Leaks due to blunders, intentional violation of rules or malicious activities of privileged users are the most destructive as they have more access to sensitive data compared to rank-and-file employees.”  said Shumetov, who is also the Head of Infowatch Southeast Asia Operations based in Kuala Lumpur.

 

He was citing the latest findings of InfoWatch research unit, InfoWatch Analytics Center, on data leaks reported by governments, commercial and non-commercial organisations in Southeast Asia, South Korea, India and Bangladesh.

 

By industry category, he said the research by the Russian-based company also pointed out that up to 43 percent of leakages in the region stemmed from public institutions including government, military and law enforcement agencies, compared to only 13 percent worldwide.

 

In terms of types of data leaked in Southeast Asia, South Korea, India and Bangladesh, the report cited that personal data accounted almost 77 percent, followed by payment details at 15 percent, trade secrets or know-how at five percent, and state secrets which was close to three percent.

 

By comparison, globally, he added the research that was based on information sources in the media and other public domains between July 2016 and July 2017 found out that 62 percent of data leaked was personal data, while up to 31 percent of data stolen were payment details.

 

“By channels, browsers and cloud storage turned out to be the most common means data is leaked, almost 74 percent of all cases, while equipment loss such as stolen laptops and popular use of instant messenger apps caused 14 percent of leaks respectively.

 

“Globally, browsers and cloud storage were used in 61 percent of data leaks, followed by email at 23 percent and paper documents at 8 percent,” he said.

 

Even though more needs to be done to ward off the threat, Shumetov noted that Southeast Asia and other Asian countries are working hard to improve cybersecurity and it can be seen that the governments have beefed up personal data laws while enterprises utilised information security tools against external and internal intruders more often.

 

More stories