More than one third (35%) of companies believe -sensitive information has been handed over to competitors, according to Cyber-Ark Software's fourth annual Trust, Security and Passwords survey.
The global study also finds that 37% of IT professionals put ex-employees as the most likely source of this abuse, but 28% also cite human error as the next most likely cause, followed by external hacking or loss of a mobile devices (10%).
As for what gets stolen for competitors, this research puts the customer database in the number one slot (26%) and R&D plans second (13%).
Speaking about the results, Cyber-Ark's executive vice president Americas and Corporate Development Adam Bosnian says that there appears to have been little year-over-year change – indicating that more needs to be done to protect companies' most valued assets.
Additionally, to address vulnerabilities related to human error that could expose a proprietary database or financial information, organisations need to employ additional layers of control, such as the ability to grant privileges to sensitive data and systems on-demand, he advises.
This limits 'innocent' mistakes, by allowing access to information only when users need it to perform a particular task or query, he says.
That said, he notes that this' year's research shows snooping is still on the rise, but access is getting more difficult. Incredibly, 41% of respondents confessed to abusing administrative passwords to snoop on sensitive or confidential information – an increase from 33% in both 2008 and 2009.
Organisations are clearly trying to better curb snooping and are installing stronger controls. However, based on this year's survey, 61% reckon they could circumvent those controls – although that is a decrease from 77% in 2009.
"While we understand that human nature and the desire to snoop may never be something we can totally control, we should take heart that fewer are finding it easy to do so, demonstrating that there are increasingly effective controls available to better manage and monitor privileged access rights within organisations," comments Bosnian.
"With insider sabotage on the increase, the time to take action has already passed and companies need to heed the warnings," he adds.