Internal negligence, according to Quest Software, can be defined as an offence committed by staff members, such as forgetting to check log reports for suspicious behaviour, that leads to company documents or financial information being leaked out of the enterprise.

However, negligence can occur in simple ways such as the result of losing a USB stick containing company information. For example, security vendor, Sophos, purchased three bags of lost USB sticks at a Rail Corporation auction in Sydney, Australia, last year. The included images, documents, source code, audio files, video files, XML files and AutoCAD drawings.

In an age where information and data are the lifeblood of any organisation, data loss as a result of internal negligence is one of the most prominent issues keeping IT security executives up late at night, according to IDC Australia senior market analyst, Vern Hue.

"The extent of data loss goes beyond the obvious loss of valuable and sensitive information, making data protection both a business and technological concern," he says.