Internal violators are the most serious threat to data privacy in Southeast Asia

Kuala Lumpur, October 12, 2017 — Data leakages in ASEAN
countries are mainly caused by the negligence of top-level executives and
employees with access to sensitive and confidential data, according to the
latest research findings by cybersecurity
and data leak prevention expert InfoWatch Group.

Up to 56% of incidents of compromised data were caused by
executives, employees, IT administrators and other authorized personnel. The
other 44% of leakages were the result of external attacks and former employees.
(Figure 1)

“It is a disturbing sign to see that a relatively high
percentage of leaks stem from top managers and system administrators who fall
into the category of ‘privileged users’,” said Vladimir Shutemov, Chief International
Business Development Officer of InfoWatch Group.

Shutemov, who also heads InfoWatch SEA operations based in Kuala Lumpur, added, “Leaks due to blunders,
intentional violation of rules or malicious activities of privileged users are
the most destructive as they have more access to sensitive data compared to
rank-and-file employees.”

He was citing the latest findings of InfoWatch research unit, InfoWatch Analytics Center, on data
leaks reported by governments and commercial and non-commercial organisations
in Southeast Asia, South Korea, India and Bangladesh. The research was based on
information sources in the media and other public domains between July 2016 and
July 2017.

Shutemov said users with advanced permissions, either
unwittingly or deliberately, cause the leakage, because they were “unhappy”
with any attempt by their organisations to control their PCs, laptops and mobile
phones.

By industry category, the research also pointed out that
up to 43% of leakages in Southeast Asia stemmed from public institutions
including government, military and law enforcement agencies, compared to only
13% worldwide. (Figure 2)

In terms of types of data leaked, in Southeast Asia, South
Korea, India and Bangladesh, the report cited that personal data comprised
almost 77%, followed by payment details at 15%, trade secrets or know-how at
5%, and state secrets, close to 3%.  By comparison, globally, 62% of data
leaked was personal data, while up to 31% of data stolen were payment details.
(Figure 3)

“In line with global trends, Southeast Asia and other
Asian countries are striving to improve cybersecurity. Their governments have
toughened up personal data laws, while enterprises more and more often use
information security tools against external and internal intruders. But more
needs to be done as technology advances and the intruders become more
sophisticated,” said Shutemov.

By channels, browsers and cloud storages turned out to be
the most common means data is leaked, almost 74% of all cases, while equipment
loss, such as stolen laptops, and the popular use of instant messenger apps,
together caused 14% of leaks. Globally, browsers and cloud storages were used
in 61% of data leaks, followed by email (23%), and paper documents (8%).
(Figure 4)

InfoWatch currently serves more than 1,500 large customers
worldwide with proprietary and patented cutting-edge cybersecurity
technologies.

InfoWatch’s full suite of data leak prevention and
cybersecurity solutions and can analyse content in Asian languages for the
prevention of data leakages, including in Malay, Indonesian and Vietnamese.

– E N D S-

InfoWatch Group is a Russian developer and vendor of
end-to-end enterprise cybersecurity solutions for organizations to combat
external and internal security threats. Established by Natalya Kaspersky in
2003, InfoWatch pioneered the data leak prevention (DLP) market in Russia.
Since 2011, InfoWatch has expanded globally offering its products in Western
Europe, the Middle East, India and Southeast Asia.

More information about InfoWatch Group of companies is
available at www.infowatch.com