The Greatest Threat to Network Security – Human Error
Recently, Verizon released their annual Data Breach Investigation Report (DBIR), which, as always, contained numerous interesting and important nuggets of truth when it comes to network security. One of the prevailing issues we’ve seen in the past has reared its ugly head once again in the pages of this year’s report. Human Error.
Nearly half of all the security incidents captured in this report were caused by “miscellaneous errors” and “insider misuse”, which boils down to human error. Furthermore, we can add an additional 25% for crimeware, which tempts an employee to mistakenly click on a malicious link and in most cases they do. Put together, these stats leave us with the embarrassing fact that 75% of security incidents result from the lack of awareness among average employees to uphold basic security policies.
With hackers rapidly evolving to attack networks in new and increasing ways the threat landscape continues to grow. Meanwhile, many organizations are dragging their feet when it comes to effectively combatting these attacks. Average employees are being exposed to the front lines of the cyber war with little protection from their parent organizations.
Considering that the anticipated cost of a breach of 10 million records is coming in at $73,943,950 according to the DBIR report, organizations need to determine how to protect themselves from human error or else they will suffer huge consequences. Breaches of this size are happening with greater frequency and should be deemed probable for any large enterprise.