New Research Reveals More Than a Third of Employees Willing to Sell Private Company Data and Proprietary Information

Clearswift survey confirms that organizations must have data protection policies in place that safeguard against both malicious and inadvertent insider threats.

Posted on July 29, 2015

Mount Laurel, N.J., US – July 29, 2015 - Clearswift, a global cybersecurity innovator and data loss prevention provider, today announced more results from the independently conducted survey on enterprise security practices by Loudhouse, a technology and B2B research firm. The latest data reveals that 35 percent of employees would sell information on company patents, financial records and customer credit card details if the price was right, illustrating the growing importance for organizations to deploy data loss prevention strategies and technology to safeguard data from both the malicious and inadvertent insider threats.

The Clearswift-sponsored survey polled more than 500 internet technology decision makers and 4,000 employees in the United States, Europe, and Australia, and discovered that:

  • 25 percent of employees would sell company data, risking both their jobs and criminal convictions, for less than $8000;
  • 3 percent of employees would sell private information for as little as $155;
  • 18 percent would accept an offer of $1550;
  • 35 percent of employees were open to bribes as the offer reached $77,500;
  • 65 percent of employees said they wouldn’t sell data for any price.

“While people are generally taking security more seriously there is still a significant group of people who are willing to profit from selling something that doesn’t belong to them,” said Heath Davies, Chief Executive Officer, Clearswift. “This information can be worth millions of dollars. A case in point of the true value of data is the recent Ashley Madison hack, where user data was accessed by a member of their extended enterprise (part of their technical services team) according to the site’s CEO; the effects of which have been monumental. The site announced earlier this year that it hoped to raise $200 million in an initial public offering this year and it may have lost out on this opportunity reducing the value of its entire business. This attack has also had a ripple effect on its sister sites. It is important for companies to understand the risk and address it appropriately – this research can help them do that.”

The opportunity to sell valuable information is exacerbated by the ready access most employees have to it with 61 percent of respondents stating that they had access to private customer data, 51 percent had access to financial data, such as company accounts or shareholder information, and 49 percent had access to sensitive product information, such as planned launches and patents.

The survey concluded that attitudes toward data security are mixed, with only 29 percent saying that company data was their personal responsibility and 22 percent saying they did not feel it was their responsibility at all. A corresponding Clearswift survey of 504 information security professionals found 62 percent of respondents believe that employees do not care enough about the implications of a security breach to change their behavior.

“It is not good business to live in fear of your employees, especially since most can be trusted,” said Davies. “Getting the balance right has always been hard. But truly understanding where the problems come from, combined with advances in technology which can adapt to respond differently to different threats, really changes the game here.”

 

Notes to editors:

This data was taken from research conducted by technology research firm Loudhouse on behalf of Clearswift. Over 500 IT Decision makers and 4000 employees were polled to gauge the level of threat from insiders.

About Clearswift

Clearswift’s content-aware, policy based solutions enables defense, government, healthcare and financial services organizations across the globe to manage and maintain no-compromise data, email, cloud and web security.

US
MRB Public Relations
+1 732 758 1100
[email protected]

EMEA 
C8 Consulting
+44 118 334 0220
[email protected]

Recent News
January 12, 2023

In this IT Security Wire article, cybersecurity experts Eric George and Tom Gorup share their 2023 cybersecurity predictions.

September 2, 2022

MINNEAPOLIS (September 1, 2022)—Fortra announced today the acquisition of Outflank, a well-regarded IT security leader with de

July 21, 2022

Fortra employee, Ciaran Rafferty shares his thoughts on everything from cybersecurity trends to the future of email security in this interview with Intelligent CIO. 

April 12, 2022

MINNEAPOLIS —April 8, 2022—Fortra announced today the acquisition of Terranova Security, a leader in global phishing simulation and security awareness t

March 9, 2022

Managed detection and response (MDR) forms new cornerstone of Fortra's cybersecurity portfolio