Corporate data loss: How bad is it? (Part 2 of 2) Posted on April 3, 2012 by Tim Burke “We have spent over 12 years building our reputation and trust; it is painful to see us take so many steps back due to a single incident.” —Tony Hsieh, CEO, Zappos, after the company suffered a data breach in which 24 million customer records were stolen Zappos is hardly alone. IT trade group CompTIA’s most recent study on security in the workforce revealed that a majority of those surveyed either suffered known data loss or ‘likely’ data loss — and of those who lost data … 65% lost confidential corporate financial data 52% lost confidential employee records 27% lost confidential customer data (e.g., credit card numbers) 26% lost corporate intellectual property or trade secrets The CompTIA study also teaches us something about the conditions under which data is lost. Turns out data loss occurs most often when data is in motion, such as when it’s sent in an unencrypted email, when unencrypted data is downloaded from or uploaded to a website, when data is transported via USB flash drives, or when the Internet is accessed through an unsecured WiFi network. As to who poses the greatest security threats — well, it seems that cybercriminals and authorized users/employees are running pretty much neck in neck for that honor, according to a 2011 Dark Reading report.