The role of human error in cybersecurity breach (2024)

This article has been supplied as a media statement and is not written by Creamer Media. It may be available only for a limited time on this website.

According to a study by IBM, 95% of cybersecurity breaches result from human error. Everyone makes mistakes, but in cybersecurity the effect is overwhelming: 19 out of 20 cyber breaches result from human error. Another report indicated that human error resulted in a loss of $3.33 million in 2020. Human error in cybersecurity covers any unintentional action, or lack of action, that results in a data breach. It includes activities like downloading infected software, keeping a weak password, compromising the IP address (which can be checked on What Is My IP) and not updating software.

Types Of Human Errors In Cybersecurity

The types of human errors in cybersecurity can be categorised into skill-based and decision-based errors. Skill-based errors are generally minor errors that occur while carrying out a daily task. They are often the result of negligence due to inattentiveness, tiredness and distraction. Decision-based errors, on the other hand, are those where the user makes a faulty decision. They result from a lack of knowledge, skills and information about a specific circumstance, and also include inaction during a particular scenario.

Misdelivery, including sending information to the wrong recipient, is the fifth most common cause of all cybersecurity breaches. Email services often auto-suggest an email address for the user's convenience, which increases the risk of sending an email to the wrong person if the address is not carefully checked. Another of the most common reasons for a cybersecurity breach is using passwords that are extremely popular and therefore easy to guess. Also, 45% of users keep reusing their passwords for accessing one service or another. Additionally, users save these passwords in a careless manner, which makes it easier for others to get hold of them.

Installing The Latest Update Is Important

Patching is another issue that threatens cybersecurity. Most cyber criminals look for vulnerabilities in software or operating systems. When software developers notice such issues, they work on fixing them and send patches to their users before the loophole can be used to compromise data. However, when a user fails to act and does not install the security updates, they increase their risk of falling prey to cyber criminals.

The WannaCry ransomware attack that took place in 2017 was the result of inaction by Microsoft's users. The attack affected many companies and organizations, and the losses ran into millions. Interestingly, Microsoft sent its users the patch a month before the attack happened. If the users had updated the software, they could have saved themselves from such a heavy loss.

Physical Security Errors Should Be Taken Care Of

Even though most data breaches result from non-physical security errors, the gravity of physical security errors is massive too. Unauthorised access to a computer or an account can give another user direct access to all confidential information. Physical security errors often take place when a device is left unattended.

Therefore, it is important to take care of both physical and non-physical security errors to prevent data breaches.

Ways To Prevent Human Error In Cybersecurity

The first thing one can do to reduce human error in cybersecurity is to reduce the opportunities for a cybersecurity attack. The opportunities can be reduced either by privilege control or password management. Secondly, there is an urgent need to establish a security-focused culture in the office. A security-focused culture can be ensured by encouraging discussions amongst the different stakeholders and carrying out regular training and workshops to enrich cybersecurity knowledge amongst the employees.

Even though much data has revealed that humans are the weakest link in cybersecurity breaches, it need not be the case. Cybersecurity data breaches can be addressed with the right amount of training and a security-focused culture. With proper precautions, the role of human error in cybersecurity data breaches can be drastically reduced, which is beneficial for both the employees and the businesses. To reduce human error, it is essential first to analyse why human errors occur, then how such opportunities can be reduced, and finally to impart knowledge on cybersecurity hygiene. The easiest way to reduce cybersecurity data breaches is by ensuring a solid password that is not reused or shared.


FAQs

The role of human error in cybersecurity breach?

Human error accounts for up to 95% of cybersecurity incidents, according to the World Economic Forum. Verizon's data breach report puts it at 85%.

What is the role of human error in cybersecurity breach?

Human error accounts for 52 percent of the root causes of security breaches, according to a study from CompTIA, the IT industry association. CompTIA's Trends in Information Security study was conducted in January 2015 among 700 business executives and technology professionals at U.S. companies.

Are 85% of cybersecurity breaches caused by human error?

Researchers from Stanford University and a top cybersecurity organization found that approximately 88 percent of all data breaches are caused by an employee mistake. Human error is still very much the driving force behind an overwhelming majority of cybersecurity problems.

Is human error the main cause of 95% of cyber security breaches, according to IBM?

The sad truth is history is filled with data breaches that were caused by human error. A joint study by Stanford and Tessian reported that employee mistakes cause 88 percent of data breach incidents. According to an IBM Security study, that number is closer to 95 percent.

Are 95% of cyber security breaches due to human error?

A joint study by Stanford University Professor Jeff Hancock and security firm Tessian has found that a whopping 88 percent of data breach incidents are caused by employee mistakes. Similar research by IBM Security puts the number at 95 percent.

Is human error to blame for most breaches?

According to a study by IBM, human error is the main cause of 95% of cyber security breaches. In other words, if human error was somehow eliminated entirely, 19 out of 20 cyber breaches may not have taken place at all!

How can human error contribute to cyberattacks?

Types of Human Errors in Cyber Security:

Weak Passwords and Authentication: Weak or reused passwords remain a prevalent human error in cyber security. Individuals often choose easily guessable passwords or reuse passwords across multiple accounts, making them vulnerable to brute-force attacks or credential stuffing.

Is human error responsible for 82% of data breaches?

Considering that a 2022 report from Verizon found that 82% of data breaches involved the human element, ensuring that everyone in the organization is responsible for cybersecurity is one of the most effective ways of protecting data privacy and security.

What is the major reason behind 95% of cyber security breaches?

Even more surprisingly, an IBM study revealed that human error was the primary reason for 95% of cybersecurity breaches.

What is the number one cause of cybersecurity breaches?

Although hacking attacks are frequently cited as the leading cause of data breaches, it's often the vulnerability of compromised or weak passwords or personal data that opportunistic hackers exploit. Statistics show that four out of five breaches are partially attributed to the use of weak or stolen passwords.

What are the two most common types of human error in cyber security?

Humans will carelessly handle data

Sending personal information to the wrong recipient via email (45% of human error breaches), unintended release or publication of personal information (16%), and failure to use the 'blind carbon copy' (BCC) function when sending group emails.

Which is an example of human error creating a security concern?

Inadvertent actions, such as clicking on phishing links, falling victim to social engineering tactics, using weak passwords, or neglecting essential security practices, contribute significantly to cybersecurity risks.

Is human error a major risk to the security of personal data?

That being said, based on a 2023 study, 74% of data breaches involve a human element. This guide will focus on assessing the risks of human error leading to data breaches within your organization.

What percentage of cyber security breaches is human error?

According to Cybint, 95% of cybersecurity breaches are caused by human error, meaning they were likely preventable. Yes, you read that right.

What accounts for 95% of all cybersecurity breaches?

Human Error Accounts for 95% of Cyber Attacks

Research indicates 19 out of 20 breaches are the result of human error in some form.

Does research suggest that human error is involved in more than 90% of security breaches?

Research suggests that human error is involved in more than 90% of security breaches. Security awareness training helps to minimize risk thus preventing the loss of PII, IP, money or brand reputation.

What is human error responsible for?

Human error has been cited as a primary cause and contributing factor in disasters and accidents in industries as diverse as nuclear power (e.g., the Three Mile Island accident), aviation, space exploration (e.g., the Space Shuttle Challenger disaster and Space Shuttle Columbia disaster), and medicine.

How does human error pose a security risk?

Employees may also unintentionally misconfigure security settings, leaving systems vulnerable to exploitation. Failure to follow established security protocols and procedures, such as neglecting to encrypt files or failing to update software promptly, can leave systems exposed to potential threats.

Is human behavior responsible for these security breaches?

In fact, 74% of incidents include some human element, such as clicking on a phishing link. Whether it's a man-in-the-middle attack over Wi-Fi, a social engineering scam or something else, humans are inadvertently involved in most data breaches.

Article information

Author: Dong Thiel
