Human error is the biggest risk factor in data security breaches, with some of the most likely culprits being poor passwords, uninformed users and carelessness.
As cyber attackers get more sophisticated, organisations must make appropriate preparations to limit damage.
Verizon’s 2016 Data Breach Investigations Report found that the majority of breaches exploited human nature.
The report found that attacks exploit known vulnerabilities that have not been patched, even though patches have been available for months, or even years. 85 per cent of successful attacks used top 10 known vulnerabilities.
The report found that cyber criminals are increasingly using ransomware, where data is encrypted and a ransom in bitcoins is demanded before data is released.
Verizon found that 63 percent of data breaches involve the use of weak, default or stolen passwords.
Verizon Executive Director of Global Security Services, Bryan Sartin, said, “You might say our findings boil down to one common theme – the human element.
“Despite advances in information security research and cyber detection solutions and tools, we continue to see many of the same errors we’ve known about for more than a decade now. How do you reconcile that?”
Comptia’s Trends in Information Security Study, found that in Australia 62 percent of security breaches are caused by human error.
The top causes of human error are a failure to get up to speed on new threats, failure to follow policies and procedures, lack of expertise with websites and applications, general carelessness, IT staff failure to follow guidelines and intentional disabling of security.
Most employees lack basic knowledge about malware and how it is spread on a device or system.
Without this knowledge, employees can click on emails that pose a threat to a company’s security.
In many data breach cases, attackers to access systems via the careless actions of employees, such as handing over personal details, clicking on a phishing link, or failing to secure information.
The report said 60 per cent of Australian organisations experienced at least one security incident, and slightly more than 50 per cent had had one or more serious breaches.
Comptia said, “Human error is becoming more of a factor in security breaches for most companies, especially for those in maturing economies.
Comptia said in Australia, more than half of businesses had found a 56 per cent increase of human error.
Are your staff your weakest link?
At Secure Utilities, Simon Smith, an expert in computer forensics with more than 25 years of experience as a white hat hacker, will deliver a presentation entitled Your people are your biggest risk, focusing on the biggest risk all utilities face when it comes to keeping their data secure: their own employees.
Mr Smith will outline the things utilities need to take into account to keep their data internally secure, and discuss some of the newest strategies and technologies available to utilities to achieve this.
