The most significant danger to data privacy in Southeast Asia comes from internal actors. Cybersecurity firm InfoWatch Group’s recent study reveals that careless top executives and employees with access to sensitive data are the primary cause of data leaks in ASEAN nations.
The company states that executives, employees, IT administrators, and other authorized personnel caused slightly more than 56% of compromised data incidents in Southeast Asia. External attacks and former employees were responsible for the remaining 44%. This figure is significantly lower than the global average of nearly 60%.
Source: Infowatch. Up to 56% of Southeast Asia incidents of compromised data were caused by executives, employees, IT administrators and other authorised personnel.
“It’s concerning to see such a high percentage of leaks originate from senior managers and system administrators – the ‘privileged users’,” said Vladimir Shutemov, InfoWatch Group’s Chief International Business Development Officer.
Shutemov, also the head of InfoWatch SEA operations in Kuala Lumpur, added, “Leaks due to negligence, deliberate violations, or malicious activities by privileged users are the most damaging because they have greater access privileges than ordinary employees.”
Shutemov cited the latest findings from InfoWatch’s research unit, InfoWatch Analytics Center, on data leaks reported by governments, commercial, and non-commercial organizations in Southeast Asia, South Korea, India, and Bangladesh. The research, conducted between July 2016 and July 2017, relied on publicly available information from media and other sources.
Shutemov explained that users with elevated permissions, whether intentionally or unintentionally, cause leaks due to dissatisfaction with organizational attempts to control their PCs, laptops, and mobile phones.
The research also highlighted that in Southeast Asia, public institutions, including government, military, and law enforcement agencies, accounted for 43% of leaks, a stark contrast to the global average of just 13%.
Source: Infowatch. Southeast Asia stood out for the number of leaks stemming from the public sector.
Personal data represented almost 77% of all leaks in Southeast Asia, South Korea, India, and Bangladesh. Payment information followed at 15%, trade secrets or know-how at 5%, and state secrets at 3%. In comparison, 62% of global data leaks involved personal data, while payment information constituted 31%.
Source: Infowatch. Almost 77% of leaks were around personal data in Southeast Asia.
“Southeast Asia and other Asian countries are trying to strengthen their cybersecurity in line with global trends,” said Shutemov. “Their governments have tightened personal data laws, while businesses increasingly deploy information security tools to counter external and internal threats. However, more must be done as technology progresses and cybercriminals become more sophisticated.”
The most frequent sources of data leaks were web browsers and cloud storage, accounting for nearly 74% of all instances. Lost or stolen devices, such as laptops, and the widespread use of instant messaging applications accounted for another 14%. Globally, browsers and cloud storage were involved in 61% of leaks, followed by email (23%) and paper documents (8%).
InfoWatch, utilizing its proprietary and patented cybersecurity technologies, currently provides services to over 1,500 large clients worldwide. Its range of data leak prevention and cybersecurity solutions can analyze content in various Asian languages, including Malay, Bahasa Indonesia, and Vietnamese, to prevent data leaks.
Established in 2003 by Natalya Kaspersky, InfoWatch was a pioneer in the data leak prevention (DLP) market. Products from InfoWatch are accessible in the Middle East, India, and Southeast Asia.