Why Human Error is #1 Cyber Security Threat to Businesses in 2023
Phishing and Malware
Among the major cyber threats, the malware remains a significant danger. The 2017 WannaCry outbreak that cost businesses worldwide up to $4 billion is still in recent memory, and other new strains of malware are discovered on a daily basis.
Phishing has also seen a resurgence in the last few years, with many new scams being invented to take advantage of unsuspecting companies. Just one variation, the CEO Fraud email scam, cost UK businesses alone £14.8m in 2018.
Working From Home
Staff working from home are outside the direct oversight of IT support teams and often struggle to deal with cyber threats and appropriately protect company information.
Failing to update software and operating systems, sending data over insecure networks, and increasing reliance on email and online messaging has made employees far more susceptible to threats ranging from malware to phishing.
While technical solutions like spam filters and mobile device management systems are important for protecting end-users, with the number of threats and the multitude of systems and communications through which staff performs work, the one unifying risk factor that has to be addressed to improve fundamentally, security is the role of human error.
Why Human Error Remains the #1 Security Threat to Your Business
Almost all successful cyber breaches share one variable in common: human error. Human error can manifest in a multitude of ways: from failing to install software security updates in time to having weak passwords and giving up sensitive information to phishing emails.
How Human Error Leads to Data Breaches
Even as modern anti-malware and threat detection software has grown more sophisticated, cyber criminals know that the effectiveness of technical security measures only goes as far as humans properly utilize them.
If a cyber criminal manages to guess the password to an online company portal or uses social engineering to get an employee to make a payment to a bank account controlled by the cyber criminal, there is nothing that technical solutions can do to stop that intrusion.
IBM conducted a study into the cyber breaches that occurred among thousands of their customers in over 130 countries. This study was the most wide-reaching look into the causes of the cyber violations that had been performed at that point, but similar studies have since corroborated its results.
‘Human error was a major contributing cause in 95% of all breaches.’ — IBM Cyber Security Intelligence Index Report.
One of the IBM study’s key findings was that human error was a major contributing cause in 95% of all breaches. In other words, had human error not been a factor, the chances are that 19 out of 20 breaches analyzed in the study would not have happened at all.
Since human error plays such a vast role in cyber breaches, addressing it is key to reducing your business’s chances of being successfully targeted. It also allows you to protect your business from a far wider range of threats than any single technical solution could – and can potentially empower your workforce to actively look out for and report new threats they may encounter. Mitigation of human error must be key to cyber business security in 2021.