More business transactions occur electronically every year, and organizations are retaining a growing volume of sensitive data. For many organizations, data has become an invaluable asset — the lifeblood of their operations. Access to this data is available to an expanding user base, including employees, business partners, suppliers and customers. IT infrastructures are more extensive, more complex, more distributed — and more accessible.
This interconnectedness affords many benefits for businesses, government agencies and consumers alike — but it also potentially introduces a great deal of risk. The more access points an organization maintains, the greater the possibility of compromised systems or data theft.
To help secure their data, companies have generally focused much of their efforts on protecting themselves from threats from outside of the organization. However, a growing wave of data losses caused by human error and fraud from within the organization illustrate the degree of risk to companies and government agencies. And the stakes are high — especially as repositories of private information expand.
Growing public concern over the security and privacy of personal data has placed many companies and government agencies in the spotlight — and countries around the world are developing regulations designed to support confidentiality.
In a recent global business security report, IBM identified a burgeoning trend toward small, targeted insider attacks — rather than sweeping global threats such as worms, spam, viruses and other malware. Insider attacks can be a significant threat to the security and privacy of data.