If the headline-grabbing cyberattacks of 2013 and 2014 — think Target, Home Depot, and now Sony — tell us anything, it’s that organizations across the globe routinely fail to adequately detect and respond to potentially devastating threats. In fact, Forrester predicts that at least 60% of brands will discover a breach of sensitive data in 2015.

But while these high-profile attacks may be the most expensive and damaging of all time, they’re not the norm. New research from Forrester shows that while 33% of breaches occur as an external attack, the most common source of a breach (46%) is an internal incident — specifically, by malicious intent (46%), an accident (42%), or both (13%).

So what happens next? Following a breach, Forrester finds that strategy shift is the most common reaction, followed by increased investment. But even though security technology tools are important, they’re not enough. More than half of business and technology decision-makers rate lack of staff as a challenge, and 53% find unavailability of security employees with the right skills as a major challenge.

Learn more about the research here.