Skip to main content

Tackling the role human error plays in data breaches

Web Hosting & Remote IT Support

Cyberattacks today are an inevitable occurrence, rather than mere possibility. Near-daily comes news of another organization seeing their systems taken offline or their data being stolen as a result of a cyber intrusion. The nature of modern businesses means that cybersecurity lapses pose a very real threat to its ongoing survival – and something that every single employee in an organization has a role to play in preventing.

Thales’ 2024 Data Threat Report revealed human factors are still a major cause of cloud data breaches. Of the IT professionals that were surveyed, 22% stated that human error was the single most concerning threat. Furthermore, 74% placed threats from human error as a key priority. In the last three years, human error has ranked either first or second as the leading source of cyberattacks for enterprises.

With so many cyberattacks coming down to simple human error – and cybercriminals often capitalizing on the human propensity to make mistakes – how can businesses mitigate these people-related risks, and secure their IT infrastructure?

Remote work is an added cybersecurity frontline

Many cyberattacks can start innocuously enough. Phishing emails are one common way – tricking an unsuspecting employee who might have let their guard down into clicking a malicious link, or sharing compromising information such as passwords.

Passwords have had long running challenges from a security perspective – placing the burden on users, and relying largely on human memory, means the risk of people falling back on using the same memorable passwords across multiple accounts is high. While conventional advice recommends issuing long, complex passwords for professional use, the reality is that this doesn’t happen nearly enough.

Remote working has given many employees welcomed flexibility in how they get their jobs done – but at the same time, it does carry additional cybersecurity risks. Employees may be less likely to speak up and raise concerns in a remote environment, or from the familiar surroundings of home with their guard down, may be more likely to fall victim to a phishing scam. Flexible and hybrid work arrangements are the norm across many industries, but with so much variation of types of networks employees are using to access sensitive documents and data, the likelihood of exposing company data on insecure networks is increased.

The impact of data breaches

Whether it’s operationally or financial, the aftermath of successful data breaches can be devastating. Businesses can be ground to a complete halt, not to mention added losses through ransom payments and fines resulting from the breach.

There are also the longer-term impacts on reputation and customer loyalty, with the brand damage resulting from a successful breach often lasting a long time. Customers, suppliers, and partners may also see their stories covered in the media, multiplying the impact.

From awareness to prevention

Reducing the cyber impact from people-related risks is as much a cultural and behavioral change as it is a technological one. Business leaders need to get proactive about building an understanding amongst employees of the role they can – and must - play in protecting both themselves and the organization they work for.

At the same time, any policies that are set also need to account for how people in the organization actually work. If the rules are too strict, employees will look for insecure shortcuts to work around them. Whether it’s the use of personal devices, email accounts, or unauthorized memory storage devices, what the business has as a policy, and what employees end up doing can be very different – and that poses a huge risk.

The human element should be at the forefront of every cybersecurity plan. Employees should be consulted about their preferences when designing protocols, to ensure that there is full accessibility and understanding across all job roles and departments within the organization.

Finally, businesses can also make progress by auditing and changing how they’re authenticating their systems and data. By shifting away from passwords to biometrics, or other stronger and easier-to-use systems like passkeys, businesses can get away from relying on the human memory of their workforce – and the associated risks.

In a world of evolving threats, no business can ever realistically consider themselves ‘finished’ with cybersecurity. But by considering the above, leaders will be well on their way to mitigating one of the common ways organizations find themselves breached – and empower their employees in the process.

We feature the best cloud antivirus.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro



via Hosting & Support
Labels:

Comments

Post a Comment

Web Hosting
Remote IT Support
Sites & Socials
Computing Handbook - $9.95

Popular posts from this blog

Microsoft, Google, and Meta have borrowed EV tech for the next big thing in data centers: 1MW watercooled racks

Web Hosting & Remote IT Support Liquid cooling isn't optional anymore, it's the only way to survive AI's thermal onslaught The jump to 400VDC borrows heavily from electric vehicle supply chains and design logic Google’s TPU supercomputers now run at gigawatt scale with 99.999% uptime As demand for artificial intelligence workloads intensifies, the physical infrastructure of data centers is undergoing rapid and radical transformation. The likes of Google, Microsoft, and Meta are now drawing on technologies initially developed for electric vehicles (EVs), particularly 400VDC systems, to address the dual challenges of high-density power delivery and thermal management. The emerging vision is of data center racks capable of delivering up to 1 megawatt of power, paired with liquid cooling systems engineered to manage the resulting heat. Borrowing EV technology for data center evolution The shift to 400VDC power distribution marks a decisive break from legacy sy...
Post a Comment
Read more

When might Captain America: Brave New World be available to stream on Disney Plus?

Web Hosting & Remote IT Support Captain America: Brave New World has landed in theaters worldwide and I bet you're already wondering when it might debut on Disney Plus . Indeed, Marvel's latest movie has just taken flight in cinemas as of today (February 14), but, if you're not planning to watch it on the biggest screen possible, you'll want to know when it could come to Disney's primary streaming service. Right now, I can't tell you when it'll be released on one of the world's best streaming services . However, I can use some of its predecessors' Disney Plus launch dates to predict its arrival. Before you continue scrolling, though, read my Captain America: Brave New World review to see if it's worth watching, plus my Captain America: Brave New World hub and Captain America 4 cast and character guide for details on its cast, story, trailers, and more. When do we think Captain America 4 will debut on Disney Plus? You won...
Post a Comment
Read more