Employees and third-party services are most likely the weakest links in a company’s cyber security system, but regular risk assessments can help prevent information leaks, a financial services regulatory attorney said last week. "Employees are the sources of many compromises within companies, much more so than the Chinese hackings that we read about every day," said Jeffrey Taft, a partner with Mayer Brown during a conference Wednesday at the firm’s New York office. "It’s probably 20 times more likely that somebody in this room will be penetrated by employee malfeasance or negligence than any Chinese hacker.