Below is an outline of data theft statistics, from different resources. Despite the variety of resources, they all say the same thing: Data theft is common, it happens regularly, and everyone knows its going on.
- 95% of IT security professionals in the financial sector perceive computer crime as a major business risk
- 73% of CIOs (Chief Information Officer) and CSOs (Chief Security Officer) stated they there were more concerned about data theft than external hacking.
- 68% of CIOs stated that critical data, within their company, was at risk
- 25% of CIO s stated that there had been a breach of data, within their company.
- 42% of CIOs did not know if there has been a breach, in their company.
i.e 67% of of CIO state there has been a data theft, or they do not know if there has been.
The report by ID Analytics states that those who have had their data stolen deliberately, e.g by theft from an employee with access to the data, are 12 times more likely to be victims of fraud than those who have their data lost by accident (e.g missing laptop). This, while not surprising, is a figure worth knowing when managing securirty risks.
The ITC 2008 Reports that over 40% of the incidents of data breaches/data theft the number of records lost or exposed are not reported or fully disclosed. Or to put it another way, all the statistics are a lot higher than actually stated.
Data Theft/Data Breaches – by industry:
- 37% for Business/Commerce
- 20.3% for Educational
- 15.6% for Health care/Medical
- 15.4% for Government/Military
- 11.6% for Banking/Finance
Data Theft/Data Breaches – by cause:
- 12.9% hacking/external attack
- 21% lost laptops and/or other media
- 15.6% theft by company employees
- 14% accident, e.g. accident publishing on a website
- 11% due to subcontractor