Data Theft Continues to Rise
- Local Expert Supports Survey* Findings
New Zealand computer forensics experts support the findings of a recent international survey in which 35% of IT staff
believe that sensitive information has been passed into the hands of competitors.
Commenting on the survey findings, Brian Eardley-Wilmot of Computer Forensics NZ says that whilst human error does play
a part, by far and away the biggest culprits are likely to be disgruntled employees and ex-employees. "Many companies
are blissfully unaware of the risk they face when a disgruntled employee leaves the company" said Eardley-Wilmot.
"The risk is equally high across all departments and for large or small companies. “
“Management may never know that deletion or theft of data has taken place until it is too late."
The survey reports that databases and confidential R documents were the most-at-risk sensitive information. Equally alarmingly there has been a major rise in IT
professionals using their privileges to access confidential or sensitive information about their company's business
operation or HR related records.
According to Eardley-Wilmot databases are easy pickings as they can be copied and taken off site by users without being
seen. “Companies are lax about protecting the lifeblood of their company.
“It’s just far too easy in most companies for an employee to copy confidential data to a USB stick or email it off-site”
says Eardley-Wilmot
He believes it is unlikely that the findings would be significantly different should the survey be replicated here in
New Zealand.
"If a company suspects an incident might have occurred it is critically important that computer forensic experts in the
field are called in immediately and an investigation started, as over time vital evidence can be overwritten" he says.
“In over 10 years of conducting computer investigations we have noted that if managers suspect data theft has occurred,
99% of the time they’re right!”
Note: The survey was conducted with more than 400 IT administrators at Infosecurity Europe 2010 and RSA USA 2010 by
Cyber-Ark® Software, a UK based leading provider of Privileged Identity Management (PIM) solutions.
ENDS