Some business leaders may be surprised to discover that the biggest risk facing organizational data is not from individual hackers or even large groups of cybercriminals. Those high-profile breaches do have a tendency to make headlines, but there is a much quieter threat that all organizations must address. According to GCN writer William Jackson, human error is the most frequent cause of data breaches among government agencies.

It may be tempting to think agencies that house national secrets would have to worry a little more about hackers, but the numbers show differently. As Jackson reported, hacking and malware accounted for a little more than one million exposed records from January 2009 to May 2012. Meanwhile, loss or theft of a portable device resulted in more than 80 million compromised records and unintended disclosure compromised more than 11 million.

This trend may be concerning for IT professionals, as it is unlikely that they will be able to deploy patches to their coworkers anytime soon, but the answer may be simply to adopt solutions that can protect against common mishaps. In fact, lost and stolen devices are the most common and that risk can be mitigated by using data encryption software. Although there is still the chance that someone will forget to encrypt mission-critical information, even that risk can be reduced with data-centric security solutions that support automation.

ZDNet columnist Ellyne Phneah recently highlighted the challenge faced by many companies: Many traditional solutions require continuous maintenance and updates. Phneah focused on automated patching for firewalls and other perimeter-based defenses, which often fall short of detecting malicious intrusions. While such tools reduce the chance for human error in regard to configuration and software updates, they also remove the benefit of human insight for intrusion detection.

"Automated security cannot detect human-led attacks by hacktivists and sophisticated cybercriminals, Reid pointed out," Phneah wrote. "These attacks, such as advanced persistent threats (APTs) are often stealthy and good at hiding within a company's network."

As Phneah pointed out, traditional security measures are better than no data protection at all, but organizations need to go further in order to reduce risk. In addition to automated network security, businesses may benefit from automated data encryption software to ensure that important information is protected in a variety of risk scenarios.