How does human error play a part in Cybersecurity breaches?

As the old adage goes, a chain is only as strong as its weakest link. When it comes to Cybersecurity, that weakest link is almost always the human element.

To secure users with credential breach protection, guard against a data leak and address other aspects of cybersecurity, human error has to be factored in as part of your risk management process.

We can build elaborate encryptions, enforce complex passwords, require multi-factor authentication to our systems, and put in place numerous technical cybersecurity measures, but all it takes is a person to behave in the flawed ways that people are so apt to do to provide a wide-open doorway into our networks.

There may be an absence of skills within the workforce. For instance, a staff member may not know the basics such as how to secure a login page. Equally though, in the absence of an adequate authentication system and other security controls and tools, the risks associated with human error will remain.  

The Problem

Data breaches are both a major and recurring data security problem. Over 41 billion records were exposed in the first six months of 2019 alone via a data breach, and this number is only reported data violations. Typically, such a data breach can include assets such as credit card information, user names, and a wide variety of personal data, from phone numbers to social media login details. 

Of existing breaches, the vast majority are caused by human error. In fact, according to the UK’s Information Commissioner’s Office (ICO), more than 90% are caused by people making mistakes.

What are the causes/solutions?

There are several common errors that people make that can give rise to a data breach. These information security errors include the following:

Bad password hygiene

Many people tend to use the same passwords for their user logins. Our own research shows that the same passwords are used on personal and business email addresses. These credential combinations are then used for user accounts on internal systems and external sites and services. 

They will often use easy-to-guess commonly used words. This is normal; people tend to need simple ways of remembering their passwords and login information. Forcing them to be too complex can result in passwords being written down in notebooks, or worse post-its on their computer monitors, making it very easy for someone to steal them. When people use their work credentials on third-party sites that are breached, this can inadvertently give a bad actor access to your company’s systems. This is possibly your organisation's most significant cybersecurity vulnerability.

To respond to this dual-threat, organisations need to give their employees access to password manager tools, which can allow and encourage complex passwords that do not need to be physically remembered. Alternately, they can enforce longer but less complicated password combinations in the form of passphrases, which are both easier for people to remember, but harder for a person to hack, reducing the risk of a data breach.

Poorly handled physical media

Another common cause of cybersecurity breaches is lost laptops or USB sticks. This can be remedied with additional password protection on company computers or using tracking software to identify the location of misappropriated devices. Encryption is another cybersecurity tool that helps to protect individual and organisational data.

Insider threats

Outright data theft by employees deliberately stealing information for nefarious purposes is, unfortunately, a reality. These thefts can be pre-planned or can be the result of discontent within an organisation. One cybersecurity defence against this is having carefully enforced company cybersecurity policies about what can and cannot be done on an organisation’s computers. This can be handled with sophisticated cybersecurity solutions software which, for instance, can identify if a foreign device such as a USB stick is plugged into a computer.

Phishing

One of the most common causes of data loss involves phishing campaigns, or emails designed to take advantage of either human weakness or naivety regarding the nature of these types of attacks. Users may click on attachments in emails that may contain viruses or Trojans which can gain access to a database to steal company data.

This cybersecurity risk can be prevented with increasing education; users can be instructed on what to look for in a URL or be given an understanding about what sort of emails to expect from people inside the company and what sort should not be trusted. Cybersecurity software can also be employed to strip and/or quarantine attachments from unknown email addresses. In reality, however, these phishing emails are becoming very sophisticated and precisely targeted for identity theft - making spear phishing one of the most dangerous forms of attacks.

Bad code

Poorly written software can result in creating accidental cybersecurity vulnerabilities and backdoors to sensitive data. All of this may compromise a user account, open up a data leak or expose user account information. To combat this, company IT departments need to use state-of-the-art programming languages and develop rigid cybersecurity software configuration management processes to ensure that all code is thoroughly reviewed and tested before it is released into production.

Conclusion

No matter how secure we make our systems, there is always a chance for someone to do something which can result in dangerous cybersecurity breaches. No matter how foolproof we make a system, the better fools we create. To respond requires cybersecurity strategies, structures, and vigilance to combat these data breach risks. Use password managers in combination with two-factor authentication wherever possible. Use Dark Web monitoring to monitor user behaviour and enforce password replacement when credentials are breached.

Since it is virtually impossible for your IT security departments to identify every way that users will behave that can cause weaknesses in your systems, taking a proactive approach against the risk of data breach by looking outside your networks for data can increase the likelihood that you will prevent unauthorised access before it occurs.

Digital risk protection

Posted by Justine Siebke

 

Have your say...