????7. 各種失誤

????噢，我不小心又捅簍子了——比如我把一封含有敏感信息的電子郵件發(fā)給了錯(cuò)誤的收件人。這是這種無(wú)意間造成的數(shù)據(jù)泄露的典型案例。其它案例還包括把非公開(kāi)信息張貼到公司的網(wǎng)絡(luò)服務(wù)器上，或者是通過(guò)郵局把信件寄到了錯(cuò)誤的地址。人為失誤無(wú)可避免（除非把他們開(kāi)除了，然后統(tǒng)統(tǒng)換成電腦），不過(guò)威瑞森公司指出，企業(yè)可以部署一套數(shù)據(jù)丟失預(yù)防軟件，以減少通過(guò)電子郵件發(fā)送敏感文件的情況。此外，還可以在向外部和內(nèi)部網(wǎng)站發(fā)布文件的流程上制訂更嚴(yán)格的規(guī)定。

????8. 實(shí)物被盜/丟失

????不知道大家知不知道這樣有一個(gè)有趣的事實(shí)：像手機(jī)和筆記本這樣的企業(yè)資產(chǎn)在公司辦公室里被盜的概率往往要高于在家里或在交通工具上被盜的概率。造成這種情況的主要原因是人們的粗心。威瑞森的報(bào)告就此無(wú)奈地指出：“意外總是會(huì)發(fā)生的，總有人丟東西，也總有人偷東西，這是沒(méi)法改變的事實(shí)。”唯一能改變的就是，建議公司給設(shè)備加密，給數(shù)據(jù)做備份，然后告訴員工把東西看緊些。

????9. 分散式拒絕服務(wù)攻擊

????最后值得的一提的是所謂的分散式拒絕服務(wù)攻擊（DDoS），它包括所有旨在使網(wǎng)絡(luò)和系統(tǒng)癱瘓的攻擊。這種攻擊形式主要針對(duì)金融、零售和公共部門(mén)。雖然黑客發(fā)動(dòng)此類(lèi)攻擊的動(dòng)機(jī)仍然是老三樣——敲詐、抗議、惡作劇，但是攻擊者所使用的工具卻變得更加先進(jìn)，而且這些工具在命名上也更加親切，比如“Brobot”（哥們兒）和“itsoknoproblembro”（別擔(dān)心，沒(méi)事的，哥們兒）等。（財(cái)富中文網(wǎng)）

????譯者：樸成奎

????7. Miscellaneous errors

????Oops, I did it again -- as in, I sent an email containing sensitive information to the wrong recipient. That's the most common example of this kind of unintentional data disclosure. Others include accidentally posting non-public information to a company's web server or even snail-mailing documents to the wrong physical address. There's no cure for human error (other than replacing them with computers, of course), but Verizon says corporations can implement data loss prevention software to reduce instances of sensitive files sent by email and tighten processes around posting documents to internal and external websites.

????8. Physical theft/loss

????Here's a fun fact: It turns out that corporate assets like phones and laptops are stolen from corporate offices more often than from homes or vehicles. The primary cause of this type of incident?Carelessness.According to the Verizon report: "Accidents happen. People lose stuff. People steal stuff. And that's never going to change." The only thing you can change, advises the company, is to encrypt devices, back up data, and encourage employees to keep their gadgets close.

????9. Distributed denial-of-service attacks

????Last but not least, so-called DDoS threats include any attack aimed at compromising the availability of networks and systems. These are primarily directed at the financial, retail and public sectors. And while the motives behind shutting down corporate, consumer-facing websites remains the same -- extortion, protest, or perverse fun -- the tools at attackers' disposal have become more sophisticated and more thoughtfully named, such as "Brobot" and "itsoknoproblembro."