Despite all the warnings about hackers attacking digital systems, despite all the media coverage of major breaches of big box organizations, despite news of hackers attacking our government agencies and critical infrastructure…the people who operate the systems continue to make the same old mistakes and open the cyber doors to those with malicious intent. Will Daugherty recently wrote about the top causes of breaches and noted that “…phishing/hacking/malware took the top spot, accounting for approximately 31 percent of incidents”. The number two cause was human error/mistakes (24 percent of causes). Since humans open emails and make the common mistake of not checking the validity of the email or who it is from, that essentially means that humans, due to their actions account for over 50 percent of all cyber breaches….50%!
Traditionally organizations try to reduce these errors with cyber training, but time and again we find people continuing to make the same mistakes that result in a successful cyber attack. While training is part of the solution in reducing breaches, the true solution is to create a cybersecurity culture within an organization that fully embraces security, is not tolerant of errors and where the members of the organization, by their actions, lock arms against intruders. This culture is synergetic utilizing the triad of effective people, processes and technology. Until this culture is adopted by organizations large and small, the members of those organizations will continue to make the same errors, and the breaches will go on and on.
Daugherty, W. (2016). Deeper Dive: Human Error Is to Blame for Most Breaches. Retrieved from the Internet at https://www.dataprivacymonitor.com/cybersecurity/deeper-dive-human-error-is-to-blame-for-most-breaches/