"Of those that were compromised, 47 percent said that they only
had 1 to 5 events. What isn't made obvious is whether the events
were small or massive breaches. Granted a single massive event can
be devastating for an organization while 10 small ones can present
less of a problem.
"And even here, we see that 26 percent are unaware as to how
many times they were compromised. These unknowns present, in my
opinion, a reason to be concerned since that opens up the
possibility of continued compromise and the habitual existence of
vulnerabilities within a system.
"What seems rather disturbing, however, is the belief that the
majority of attacks come from external sources. Of those polled, 51
percent believe that none come from inside and 25 percent said it
only accounted for 1 percent to 20 percent of their breaches. This
is something to watch in the next survey as the economic factors of
this year have an impact on employee behavior as well as increased
possibilities for compromise by those desperate for funds."