KUALA LUMPUR: The negligence by top-level executives, information technology administrators, employees and other authorised personnel that have access to sensitive and confidential data had contributed to numbers of data leakages case reported in South-East Asia recently.

According to the latest research findings by InfoWatch Analytics Centre, the research unit of cybersecurity and data leak prevention expert, InfoWatch Group, about 56% of the incidents of compromised data were caused by internal violators and 44% were the result of external attacks and former employees.

In a statement on Friday, its chief international business development officer, Vladimir Shutemov, said the research discovered that users with advanced permissions, either unwittingly or deliberately, caused the leakage because they were ‘unhappy’ with any attempt by  their organisations to control their personal computers, laptops and mobile phones.

“It is a disturbing sign to see that a relatively high percentage of leaks stemmed from top managers and system administrators who fall into the category of ‘privileged users’.

“Leaks due to blunders, intentional violation of rules or malicious activities of privileged users are the most destructive as they have more access to sensitive data compared to rank-and-file employees,” said Shutemov, who is also the head of Infowatch South-East Asia operations based in Kuala Lumpur.

He said by industry category, the research by the Russian-based company also pointed out that up to 43% of leakages in the region stemmed from public institutions, including government, military and law enforcement agencies, compared to only 13% worldwide.  

In terms of types of data leaked in South-East Asia, South Korea, India and Bangladesh, the report cited that personal data accounted almost 77%, followed by payment details at 15%, trade secrets or know-how at 5%, and state secrets which was close to 3%, he said.

He said by comparison, globally, the research that was based on information sources in the media and other public domains between July 2016 and July 2017 found out that 62% of data leaked was personal data, while up to 31% of data stolen were payment details.

“By channels, browsers and cloud storages turned out to be the most common means data is leaked, almost 74% of all cases, while equipment loss such as stolen laptops and popular use of instant messenger apps caused 14% of leaks respectively.

“Globally, browsers and cloud storages were used in 61% of data leaks, followed by email at 23% and paper documents at 8%,” he said.

He said even though more needed to be done to ward off the threat, South-East Asia and other Asian countries were working hard to improve cybersecurity.

“It can be seen that the governments have beefed up personal data laws while enterprises utilised information security tools against external and internal intruders more often,” he said. - Bernama