КОРПОРАТИВНА ИНФОРМАЦИОНА БЕЗБЕДНОСТ/ CORPORATE INFORMATION SECURITY

Abstract

The aim of this paper is to show the importance of corporate information security and empirical research of leaks of confidential personal information in 2015 in the world of commercial and non-commercial state organizations, which occurred because of malicious or careless employees’ operation or external attackers, and their percentage according to established criteria. The research is based on a database created on the basis of public statements on cases of leaks of confidential information. The study covers less than 1% of the assumed total number of leaks. Criteria for the categorization of leakage are chosen so that study category contains enough elements to allow the formation of fields of research theoretical consideration of the sample, and the results and conclusions of the observed trends enable generalization of conclusions. Results showed that 1,505 cases of information leaks were registered in 2015, of which 965.9 personnel. 32.2% were caused by external malicious person, and 65.4% by employees. Personal data and financial information are the most frequent object of attack - 90.8%. Networks are the most common channels of information leakage - 45.6%. The highest percentage of information leaks in commercial medium-sized enterprises, and the most attractive economic sector for attacks is in the area of high technology, trade and transport. Data of trading, transportation and high-tech organizations are most often attacked from outside, while the financial, medical and educational organizations were, as a rule, attacked by insiders. For all the data theft is less likely the use of e-mail, removable media, services for instant messaging, because the control of these channels is high. Selection of hackers are closed uncontrolled channels whose protection systems either do not work or are inefficient.