Nearly Every Organization Has Had an Insider-Caused Data Breach in the Last Year

Today’s guest blog on data breaches is by Stu Sjouwerman, Founder and CEO of KnowBe4, the world’s largest Security Awareness Training and Simulated Phishing platform. Now, more than ever, security awareness needs to be top of mind for every organization.

Whether it’s from an accidental leak of data or falling victim to a phishing attack, new data from email security vendor Egress puts the insider’s role in breaches into critical perspective.

Usually when we talk about an “insider” in the tech space, we’re talking about a malicious insider. But new data from Egress’ Insider Data Breach Survey 2021 report highlights how everyday insiders (read: your users) are one of the most common causes of data breaches.

According to the Egress report:

  • 94% of organizations have experienced some form of data breach
  • 84% of those breaches were directly caused by human error
  • 74% were caused by employees breaking security rules/protocols
  • 73% of orgs have experienced a phishing breach

Email is the most concerning conduit for 64% of IT leaders: 55% of employees state they have received a phishing email in the last 12 months, and 27% have received one impersonating a senior employee.

For both phishing-based attacks and accidental leaks, nearly one-third of IT leaders cite a lack of Security Awareness Training as the most likely cause of the resulting data breach. Continual education on the latest phishing scams, social engineering tactics, and campaigns keeps employees in a state of vigilance that helps protect the organization from email-based threats.

From the data in the Egress report, users have a ways to go; training can be the means to help reduce the risk of insider-caused data breaches.

Free Phishing Security Test

Would your users fall for convincing phishing attacks? Take the first step now and find out before bad actors do. Plus, see how you stack up against your peers with phishing Industry Benchmarks. The Phish-prone percentage is usually higher than you expect and is great ammo to get budget.

Here’s how it works:

  • Immediately start your test for up to 100 users (no need to talk to anyone)
  • Select from 20+ languages and customize the phishing test template based on your environment
  • Choose the landing page your users see after they click
  • Show users which red flags they missed, or a 404 page
  • Get a PDF emailed to you in 24 hours with your Phish-prone % and charts to share with management
  • See how your organization compares to others in your industry

Go Phishing Now!

Ecessa Secure SD-WAN

Ecessa networking products include a built-in next generation firewall with multi-factor authentication, geoblocking, IDS/IPS, automatic threat packet updates, website filtering and more. WANworX SD-WAN products have industry standard encryption engines and offer the ability to selectively encrypt your SD-WAN tunnels to provide additional network security.

Learn more at or contact us to discuss your requirements.