While threats to data security and privacy are often perceived to come from the outside, all signs point to internal threats being just as dangerous, intentional or not. Forrester Research recently released its Understand the State of Data Security and Privacy Report, which draws on a survey of small and medium businesses and other enterprises in the United States, Canada, Britain, France, and Germany. The survey found that inadvertent misuses of data ranked as the top source of data breaches in 2012, accounting for 36% of all breaches. Nearly a quarter of respondents said breaches were most commonly the result of malicious insiders. Only 42% of small and medium businesses said their workforces received training on how to secure data, and only 57% of workers said they were aware of their organizations’ current security policies. Forrester analyst Heidi Shey says these numbers show that organizations need to make data security more of a priority. The report suggests organizations utilize a framework for data security built on three steps: inventorying all the organization’s data, analyzing the data, and structuring data security around protecting the most valuable data.