InfoWatch Group has released a report on confidential data leaks from organizations in the Middle East, covering the period from July 1, 2017, through June 30, 2018.
According to InfoWatch Analytical Center, local government agencies and educational institutions experienced 36 percent and 20 percent of all leaks, respectively which is twice as many as worldwide average.
While 66 percent of all global incidents over the reporting period affected personal data, the majority - over 38 percent – of Middle Easter data breaches compromised trade secrets and know-how, with personal data in the region leaked in less than 30 percent of cases.
The Group's Business Development Director for Middle East and InfoWatch Gulf's CEO Kristina Tantsyura noted that the difference between global and regional leak breakdowns by data type is largely due to political and economic landscapes of the Middle East.
“Countries’ specifics and possible tensions among Gulf states have a significant effect here. The Middle East countries see public uproar when information of political or technological value is compromised as a result of either external attacks on government agencies and manufacturing enterprises or malicious and negligent actions by their employees,” she announced.
External intruders caused two thirds of all leaks from the Middle East companies, while, almost the same share worldwide 63 percent was attributed to internal offenders.
“Internally-triggered leaks are just as dangerous for the Middle East as external ones, despite their relatively small share here,” said Tantsyura.
The CEO explained that internal data breaches in the region were mostly of malicious nature and often compromised extremely sensitive data, leading to severe consequences, even damage to national defense capability.
One in five incidents in the Middle East was caused by non-privileged, rank-and-file employees, while top managers were at fault 2.5 times more often than globally.
While the network channel was used in the majority of enterprise data leaks over the period, both worldwide and in the Middle East, there is a big difference in local and global leak breakdown by channel.
The shares of leaks through mobile devices and instant messengers in the Middle East were more than three and almost four times larger than global figures, respectively.
“The analysis of publicly available cases shows that government agencies and most businesses in the Middle East lack reliable tools to protect themselves against both external and internal leaks,”noted the CEO.
She advised Middle East companies to reconsider their security approach in terms of both information handling and use of particular external and insider threat protection tools that should combine Data Loss Prevention (DLP) with User and Entity Behavior Analytics (UEBA) technology, which analyzes enterprise information flows and uses machine learning-based models to predict cybersecurity risks.
The report relies on the InfoWatch Analytical Center’s own database that aggregates publicly reported data leaks, which hit profit and non-profit organizations and resulted from malicious or negligent actions by employees or criminals from the outside.
InfoWatch Group is a Russian vendor of end-to-end enterprise cybersecurity solutions that effectively protect businesses against the most pressing internal and external threats.