SEC’s Most Significant Threats to Information Protection

The circulation of confidential information can be detrimental for many organizations. 

Whether it be intentional or unintentional, the exposure of private information and assets can result in severe increased risk. 

Understanding your organization’s internal risk exposure can assist with critical decision making. 

The Security Executive Council (SEC) conducted a study and identified the top 5 threats to security from internal sources and the top 5 risks to security of information assets. 

Top 5 Threats to Security from Internal Sources

1. Inability/unwillingness to follow established policy 
2. Disclosure due to insufficient training
3. Unauthorized escalation of privileges
4. Unauthorized information collection/data sniffing 
5. Theft of onsite organizational information assets

Top 5 Risks to Security of Information Assets

1. Cloud-based data storage
2. Cloud-based applications
3. Mobile technologies
4. “Bring your own” devices (BYOD)
5. Social Media

Read more about the SEC’s most significant threats to information protection.