London, UK – 7th July 2021 – Insider data breaches were the top cause of data and cyber security incidents reported to the ICO in the first quarter of 2021, according to the ICO. 57% of reported incidents were caused by insiders, with over 1,000 incidents reported in the first three months of 2021. Misdirected email was behind most of the incidents, with over 400 reports made to the ICO. Phishing was the second-biggest named cause, with over 200 incidents caused by employees falling for malicious emails.
For the fourth quarter running, healthcare was the hardest hit, with over 420 reported incidents in just three months, while financial services was the industry targeted with the most phishing attacks.
Comment from Tony Pepper, CEO of Egress: “Insider risk is every organisation’s most complex security vulnerability, and the ICO’s latest report drives home the true scale of the problem. From misdirected emails to employees falling for phishing attacks, organisations are losing a staggering amount of data through their people. With many organisations aware of only a fraction of these incidents, the true cost of insider data breaches may be much higher than what we’re seeing here.
The technology exists to solve this problem – it’s now up to organisations to ensure that they’re taking the right steps to ensure that their human layer is protected.”