Human error accounts for three-quarters of incidents where sensitive data is lost, new research has revealed.A report from the IT Policy Compliance Group says a fifth of organizations are hit by 22 or more sensitive data losses a year, with customer, financial, corporate, employee and IT security data going missing because it is stolen, leaked or destroyed.It reveals that user error is responsible for half of all sensitive data losses, with policy violations—either deliberate or accidental—accounting for another 25 percent.The main channels through which data is lost—in order of risk—are PCs, laptops and mobile devices, e-mail, instant messaging, applications and databases. The report also notes that businesses are seeing an 8 percent loss of revenue and a similar loss of customers in the wake of publicly reported data breaches, while notifying customers and restoring data costs another 50 pounds (US$73) per customer record.Jim Hurley, managing director of the IT Policy Compliance Group, said: “Failing to protect IT security and regulatory audit data is like a bank giving away the combination to the vault. Instead of securities and cash, these firms are putting sensitive data, customers, revenues and business futures entirely at risk.” The report suggests that organizations should identify the most sensitive business data, train staff and implement technology to mitigate user errors, policy violations and Internet attacks.It also recommends monitoring controls and procedures to ensure compliance and increasing the frequency of audits. -Tash Shifrin, Computerworld UK Related content feature Top cybersecurity M&A deals for 2023 Fears of recession, rising interest rates, mass tech layoffs, and conservative spending trends are likely to make dealmakers cautious, but an ever-increasing need to defend against bigger and faster attacks will likely keep M&A activity steady in By CSO Staff Sep 22, 2023 24 mins Mergers and Acquisitions Mergers and Acquisitions Mergers and Acquisitions brandpost Unmasking ransomware threat clusters: Why it matters to defenders Similar patterns of behavior among ransomware treat groups can help security teams better understand and prepare for attacks By Joan Goodchild Sep 21, 2023 3 mins Cybercrime news analysis China’s offensive cyber operations support “soft power” agenda in Africa Researchers track Chinese cyber espionage intrusions targeting African industrial sectors. By Michael Hill Sep 21, 2023 5 mins Advanced Persistent Threats Cyberattacks Critical Infrastructure brandpost Proactive OT security requires visibility + prevention You cannot protect your operation by simply watching and waiting. It is essential to have a defense-in-depth approach. By Austen Byers Sep 21, 2023 4 mins Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe