If you work in a corporation, then you might be interested in a blog posting by Joel Hruska over at Ars Technica that reviews a report by Compuware on how and why corporations lose data.
Compuware surveyed 1,112 "IT practitioners" and found that only 1 percent of data losses could be attributed to hackers.
The other 99 percent? Mostly negligent insiders. The next biggest sources of trouble were outsourcing and malicious employees.
Asked about their employer's ability to monitor and detect information theft, most of those surveyed said their employers did a poor job.
If you like to cut to the chase, here is Hruska's conclusion:
The report ultimately suggests that the vast majority of companies have security models that are semifunctional at best. Accountability is a hit-or-miss affair, confidence in the system as a whole is minimal, and the flaws that contribute to data breaches aren't confined to any single level of an organization.