Security Report: Few Breaches Have Malicious Intent

Further evidence that every cloud has a silver lining: According to a new CompTIA study of 2007 IT security trends, three out of every four severe data breaches that companies experienced were not the result of purposeful action.In fact, the No. 1 cause, cited by 29 percent of more than 2,000 IT security pros, was good ol' human error; a failure to follow security procedures (45 percent) and a lack of security know-how (25 percent) topped the reasons behind those errors. Another 14 percent of survey-takers cited technical malfunctions as the culprit behind security breaches. As for the intentional breaches, 10 percent were caused internally, while 16 percent came from outside a company.

CompTIA also found companies spending more on security -- 12 percent of their IT budgets went to security, up from 7 percent in 2006. Around 40 percent of a company's security budget goes into training, which in turn has saved U.S. firms up to $2.2 million overall, according to CompTIA.Dark Reading

Editors' Choice
Jai Vijayan, Contributing Writer, Dark Reading
Kelly Jackson Higgins 2, Editor-in-Chief, Dark Reading