Human Error Is The Number One Cause Of Data Breaches

Recent research at the beginning of this year claimed that 22,000 USBs are left in Dry Cleaners every year.

With ample research to suggest that human error is the biggest cause of data breaches, we have to ask, if this is really surprising? The proliferation of data loss stories in the media proves that the problem of human error, or indeed, human nature, isn’t going anywhere so isn’t it time that enterprises woke up, smelled the coffee and invested in technologies that protect itself from its employees?

The USB research, by internet security firm ESET found that on average, four USBs are left in dry cleaners every year, equating to 22,266 USBs nationwide. Devices were only returned to their rightful owners 45% of the time.

There were more amusing things left such as viagra, condoms, and dentures, but these are significantly less likely to breach your corporate network. Nevertheless, it shows human nature’s propensity to make mistakes.

Human error is the number one cause of data breaches

There is broad agreement within the industry that human error is the cause of most data breaches. The IT Policy Compliance Group says 75% of ALL data loss is due to human error. The Aberdeen Group says 64%, CompTIA said 52% of the root cause of security breaches are caused by human error and most recently, Databarracks said the top cause of data loss was employee accident (24%). 

Protect yourself from your employees

As it is human nature to make mistakes, and those mistakes are very clearly the top cause of data breaches, enterprises need to start protecting themselves from human error. They need to put themselves in a position where it doesn’t matter how many mistakes are made, or USBs get lost. To do this, they need both the right technologies and the right culture.

The kinds of technology that can help

Opting for technology solutions which includes location tracking means that the lost USB can often be found after a loss. Location tracking technology also allows the enterprise to limit access on an adhoc basis or via rules, so that data is only available within certain geographic zones.

One of the many issues with lost USBs is not knowing or not being able to prove to the ICO what was on, or not on, the device. With file auditing, the enterprise can see all the files that are added, copied, printed or deleted from all devices, at all times.

On its own, encryption isn’t enough but in combination with technologies like those above, it can be a good solution for the IT security department’s toolbox. Beware of difficult encryption that end users will find ways to disable.

The ability to delete data remotely is a very powerful one. Beware of the technologies you choose here though as some devices can only have data wiped with connected to the internet which of course, a USB may or not ever be connected to.

There are two common themes with these types of technologies.

Firstly, they take control away from the end-user and put it firmly in the hands of the enterprise.

Secondly, as well as helping the enterprise monitor its data generally, these technologies also serve to help deal with the scenario of a USB or mobile device being lost so there is something you can do should the inevitable mistakes happen.

For any data security technology to be successful, it must be introduced in an environment that includes training on how to handle corporate data not with a blame culture, but instead one that promotes that reporting a data breach to a line manager is a good thing and not something that will get them fired.

source: Norman Shaw Founder and CEO of ExactTrak


DriverUpdate Is A SCAM!



DriverUpdate is a bogus = FAKE utility program that intentionally displays fake pop-up alerts and messages on victims computer. This software can sneak into computer through the Trojan that can be acquired when victims fake scanner from This rogue program will disguise to scan the computer and alerts users of possible infected files. It will only allow downloads of updated driver when you purchase the DriverUpdate serial or registration key. Besides the fact, that the hackers could steal your identity, or steal your information, and charge your credit card and still not clean up your system. If this malicious application is spotted on your PC, REMOVE IT IMMEDIATELY.

When DriverUpdate exists on the computer, it will display a barrage of FAKE alerts stating that computer is in danger, outdated program, or security is breached. These alerts will only try to convince victims to purchase DriverUpdate. It blocks program from running and state that they are infected by means of pop-up alerts. Another trick is to redirect Internet browser to a page “error” page that also contains warning and advise users to get the paid version of DriverUpdate.

Overall, DriverUpdate was developed to make computer believe that computer is infected and this program is necessary. In real computer security world, DriverUpdate is the only virus that resides on the system trying to act as a legitimate tool in an attempt to scam computer users and earn a profit from this illegal activities. Remove DriverUpdate as soon as it is observed on the computer! It is a SCAM!

How Law Enforcement Can Use Google Timeline To Track Your Every Move


crew-22312This is a built in feature on all new Windows operating systems.

Unless the reader want’s his writings and message to become an open book to the F.B.I. and D.O.J, it might be worth considering getting an iMac or a Mac Book Pro.


“Consider including Gmail, photos and videos, search history, contacts, applications, other connected devices, Google Voice and Google Wallet, if they are relevant to the investigation,” the report suggests.

Investigators are also advised to include a non-disclosure order with their search warrants for Google data, which prevents the company from notifying the account holder that their data is being provided to law enforcement.


The End

View original post

You’re Still Modeling Growth Incorrectly

You’re Still Modeling Growth Incorrectly


[tc_contributor_byline slug=”noah-kagan”]

When I first got the job running marketing at Mint, founder and CEO Aaron Patzer told me that we had to get Mint to 100,000 users within six months of launching.

The number itself didn’t intimidate me: Before Mint, I had been Facebook employee No. 30. I’d witnessed crazy, exponential user growth first-hand. The difference was that at Mint, we were pre-product and certainly pre-repeatable-growth-engine. That meant we had to invent something from scratch.

I won’t lie, I was nervous. I started by drawing up a marketing plan.

The result: After 12 months, Mint had more than 1,000,000 users.  We made it a whole extra comma above our target.

In the startup world, where growth is as essential to life as oxygen, falling short of your growth goals means your company dies.

Given the life-or-death importance of achieving growth, it’s ironic that growth teams, marketers and founders…

View original post 932 more words

Spying goes Mainstream: Windows 10 Spies on Everything You Do

Engineering Evil

Monday, 03 August 2015

We can see the lines forming of people rushing to buy Windows 10.

Included in Microsoft’s new 12,000-word service agreement, which goes into effect August 1, is the following excerpt from the privacy policy:

“We will access, disclose and preserve personal data, including your content (such as the content of your emails, other private communications or files in private folders), when we have a good faith belief that doing so is necessary to.”

And while Microsoft does allow Windows 10 users to opt out of all of the features that might be considered invasions of privacy, users are opted in by default. Rock, Paper, Shotgun explains the opt-out process step by step.

Windows 10 will sync settings and data by default with its servers. That includes browser history, favorites and currently open web pages, as well as saved app, website and mobile hotspot passwords and Wi-Fi…

View original post 191 more words

[VIDEO] George Gilder: Net Neutrality Is a ‘Ludicrous’ Idea That Will Shrink the Economy

pundit from another planet

“Everything on [the Internet] is changing minute by minute,” says George Gilder, “and the idea of establishing a level playing field, as if all bandwidth is homogeneous, is just ludicrous.”

View original post

Backdoor Gov’t Encryption: Is it about Criminals or about you?

Hammerhead Combat Systems



Mr. A (HCS’ Resident Cyber-Gandalf)

A lot of citizens would immediately think they should so that the government could better catch criminals and terrorist. After all, wouldn’t all of us want terrorist stopped and criminals caught? Of course we would. Does backdoor encryption access accomplish this, or is there something else at work?

Here’s the thing:

Smart terrorist and smart organized criminal groups will avoid potentially compromised systems. That means proposals like this oneHERE are utterly stupid, and only about surveillance on you the innocent citizen.

So what is being proposed? This, essentially, is packaged as a ‘fair balance’ between privacy and government access to data. With a a biometric backdoor, the government could only access your data with a warrant that required you to use your biometric entry to access the data and decrypt it.

Sounds fair right?

Problem #1:  Biometrics are not the gold standard in access…

View original post 328 more words

%d bloggers like this: