"Think about where your confidential data is, how someone is going to steal it and if they did it, how would you detect and investigate it?" he said.

Klein added that if IT executives knew where their data was they could start putting controls in place such as logging and monitoring.

In addition, executives should consider installing improved access control systems or data loss prevention offerings to detect when someone's attempting to access information.

"We have had clients call us up six months later and say it's happened again," he said. "But this time they have put the computer in storage and seized the mobile phone."

During an investigation, forensic investigators build a chronology of what happened in the computer including email data and time stamps within Word documents.