Data loss affected four out of five organizations as careless users do damage

According to the report, data loss is usually the result of poor interactions between humans and machines. “Careless users” are much more likely to cause data incidents, than compromised or otherwise misconfigured systems.

The human factor is again to blame

Proofpoint further claims that many organizations are happy to invest in DLP solutions, but these investments are “often inadequate”. Of all the organizations that suffered a data loss incident, almost nine in ten (86%) faced negative outcomes, such as business disruptions, or revenue losses (reported by more than half - 57% - of affected firms). 

“Careless, compromised, and malicious users are and will continue to be responsible for the vast majority of incidents, all while GenAI tools are absorbing common tasks—and gaining access to confidential data in the process,” commented Ryan Kalember, chief strategy officer, Proofpoint. “Organizations need to rethink their DLP strategies to address the underlying cause of data-loss—people’s actions—so they can detect, investigate, and respond to threats across all channels their employees are using including cloud, endpoint, email, and web.” 

Misconfigured databases - incidents in which employees, for example, forget to set up a password for a major database, are one of the most common causes of data leaks.

Over the years, we’ve witnessed millions of people lose their sensitive information that way, including an unprotected database holding sensitive information on the entire population of Brazil. Another example is a recent BMW security error that resulted in the leak of sensitive information belonging to its customers.

More from TechRadar Pro

• These are the best data recovery services
• Most companies are using AI for security, not coding
• Take a look at the best cloud storage services