Insider breaches the top cause of cyber incidents according to latest ICO data

ICO’s quarterly report shows that over half (57%) of reported security incidents were caused by employees within the company

London, UK – July 7th 2021 – Insider data breaches were the leading cause of data and cybersecurity incidents reported to the ICO in the first quarter of 2021, according to the ICO. 57% of reported incidents were caused by insiders, with over 1,000 incidents reported in the first three months of 2021. Most of the incidents were caused by misdirected emails with over 400 reports to the ICO. Phishing was the second largest cause, with over 200 incidents caused by employees falling for malicious email.

For the fourth straight quarter, healthcare was the hardest hit, with over 420 reported incidents in just three months, while financial services was the industry with the highest number of phishing attacks.

Comment from Tony Pepper, CEO of Egress: “Insider risk is the most complex security flaw in any business and the latest report from the ICO shows the real scope of the problem. From misdirected emails to employees falling for phishing attacks, companies lose an incredible amount of data to their employees. Since many companies are only aware of a fraction of these incidents, the real cost of an inside data breach can be much higher than here.

The technology exists to solve this problem – it is now up to companies to make sure they are taking the right steps to ensure that their human layer is protected. “

For more information and interview requests, please contact:
Jordan Brackenbury, PR manager
+44 (0) 207 624 8500

About egress
Our mission is to eliminate the most complex cybersecurity challenge facing any business: insider risk. We understand that people get hacked, make mistakes and break the rules. To prevent these man-made security breaches, we built the only human layer security platform that blocks incoming and outgoing threats. We use patented contextual machine learning to detect and prevent abnormal human behavior such as misdirected emails, data exfiltration and targeted spear phishing attacks.

Egress is used by the world’s largest brands, is backed by private equity and has offices in London, New York and Boston.

Recent articles

Crypto exchanges struggle as El Salvador adopts Bitcoin

Today, Bitcoin is becoming an official currency in El Salvador, and the markets and crypto exchanges seem to be struggling. On...

Schools are back – and time to comply with the ICO’s Age Appropriate Design Code

As of September 2, 2021, the United Kingdom's Information Commissioner's Office ("ICO") expects organizations to use their Age Appropriate Design Code ("AADC"). The...

the ICO wants input on when personal data goes international

You don't have to be a data-focused IT service provider to realize that the UK was lucky enough to receive an adequacy decision from...