You are the Weakest Link in Cyber security
“Human error” contributes to nearly all cyber incidents.
Even though organizations may have all of the bells and whistles needed in their data security arsenal, it’s the human element that continues to fuel cyber incidents occurring.
“human error” is involved in more than 95 percent of the security incidents.
The prevalent form involves,
- Clicking on a malicious link found in a phishing message
- System misconfiguration
- Poor patch management
- Use of default usernames and passwords
- Using poor passwords
- Lost laptops or mobile devices
User education is a powerful tool. Educate your employees not to provide personal information to unfamiliar requesters.
Average organization experienced more than 91 million “security events” (+12% on previous year).
Although there was a jump in the number of security events, those classified as “attacks,” which researchers define as malicious activity that attempts to “collect, disrupt…or destroy” resources within the network, dropped to an average of 16,900 attacks, compared to the 73,000 per organization in the previous year.
According to the report, this is a result of evolved threat intelligence when analyzing the security events.
Of those same attacks experienced by enterprises, an average of 109 are classified as actual “incidents,” which prompted security analysts to give them a closer look.
Many factors have contributed to this increase: detection capabilities and increased availability of mobile technology are two examples. As the world’s internet footprint grows, so will the potential for attacks.
In addition to the number of threats organizations faced, attackers prefer in their cyber armory:
Leading the way is
malicious code including trojans, keyloggers and droppers, which were involved in 38 percent of the security incidents,
sustained probes or scans, (reconnaissance activity usually designed to gather information about the targeted systems).
While the world continues to produce new technology, the challenge is keeping up with the security that should be incorporated.
The world is struggling to keep up with its own progress. There are attacks and compromises taking place that go undetected on a daily basis simply due to the challenge of keeping up.
Suresh Shah, Pathfinders Enterprise