One cybersecurity firm’s 2023 data analysis has shortlisted three prime candidates: departing employees, careless workers, and those with high-privilege data access

In analyzing its internal customer protection ecosystem data between January and September 2023, as well as Jan – Dec 2023 data from an AI security firm that it is acquiring, a cybersecurity company has publicized five trends in data loss that it encountered in 2023.

The overarching trend found in the company’s data for last year was: data loss was a problem stemming from the interaction between humans and machines: “careless users” were much more likely to cause cyber incidents than problems due to compromised or misconfigured systems.

Specifically, this generalization was based on the following five factors in 2023 data:

  • Privileged users posed the highest-risk: Employees with access to sensitive data, such as HR and finance professionals, were cited by 63% of customers surveyed as contributing the greatest risk of data loss.
  • Careless users were another major cause: 71% of employees surveyed in organizations that experienced the equivalent of more than one incident per month (a mean of 15 data loss incidents per organization in the past year) cited careless users as a main cause.
  • Departing employees were the third riskiest user category: 87% of anomalous file exfiltration among cloud tenants over a nine-month period was caused by departing employees.
  • Generative AI was the fastest growing area of concern: Tools such as ChatGPT, Grammarly, Bing Chat and Google Gemini were increasing in power and utility, and more users in the protection ecosystem were inputting sensitive data into these applications.
  • Organizations’ data loss prevention (DLP) programs were being expanded: While many programs were initially implemented in response to legal regulations, more than 50% of the employees of customer organizations surveyed cited protection of customer and employee privacy as the primary driver of increasing vigilance of data loss prevention.

The report by Proofpoint has recommended organizations to: increase vigilance of people with access to sensitive data or high admin privileges; establish a security review process for departing employees; implement DLP policy rules for common data exfiltration methods; using data classification to identify data assets for tiered protection; and regularly reviewing DLP programs to sync with adoptions of new technologies and user behavior.