How does human error play a part in Cybersecurity breaches?

As the old adage goes, a chain is only as strong as its weakest link. When it comes to Cybersecurity, that weakest link is almost always the human element.

We can build elaborate encryptions, enforce complex passwords, and require multi-factor authentication to our systems, but all it takes is a person to behave in the flawed ways that people are so apt to do to provide a wide-open doorway into our networks.

The Problem

Data breaches are a major, recurring problem. Over 41 billion records were exposed in the first six months of 2019 alone and this number is only reported data violations.  Of existing data breaches, the vast majority are caused by human error.  In fact, according to the UK’s Information Commissioner’s Office (ICO), more than 90% are caused by people making mistakes. 

What are the causes/solutions?

There are several common errors that people make that cause their data to become vulnerable to being hacked. These include the following:

Bad password hygiene

Many people tend to use the same passwords, our own research shows that the same passwords are used on personal and business email addresses. These credential combinations are then used on internal systems and external sites and services. They will often use easy-to-guess commonly used words.  This is normal; people tend to need simple ways of remembering their passwords. Forcing them to be too complex can result in passwords being written down in notebooks, or worse post-its on their computer monitors, making it very easy for someone to steal them. When people use their work credentials on third-party sites that are breached, this can inadvertently give a bad actor access to your company’s systems.  This is possibly the largest vulnerability for your organisation’s security.

To respond to this dual-threat, organisations need to give employees access to password manager tools, which can allow and encourage complex passwords that do not need to be physically remembered. Alternately, they can enforce longer but less complicated password combinations in the form of passphrases, which are both easier for people to remember, but harder for a computer to hack.

Poorly handled physical media

Another common cause of data breaches is lost laptops or USB sticks. This can be remedied with additional password protection on company computers, or using tracking software to identify the location of misappropriated devices. Encryption is another tool that helps to protect individual and organisational data. 

Insider Threats

Outright theft by employees deliberately stealing information for nefarious purposes is, unfortunately, a reality. These thefts can be pre-planned, or can be the result of discontent within an organisation. One defence against this is having carefully enforced company policies about what can and cannot be done on an organisation’s computers. This can be handled with sophisticated software which, for instance, can identify if a foreign device such as a USB stick is plugged-in to a computer.

Phishing

One of the most common causes of data loss involves phishing campaigns, or emails designed to take advantage of either human weakness or naivety regarding the nature of these types of attacks. Users may click on attachments in emails which may contain viruses or Trojans which can steal company data. 

This can be prevented with education; users can be instructed on what to look for in a URL or be given an understanding about what sort of emails to expect from people inside the company and what sort should not be trusted.  Software also can be employed to strip and/or quarantine attachments from unknown email addresses. In reality however, these phishing emails are becoming very sophisticated and precisely targeted - making spear phishing one of the most dangerous forms of attacks.

Bad Code

Poorly written software can result in creating accidental vulnerabilities and backdoors to sensitive data. To combat this, company IT departments need to use state-of-the-art programming languages and develop rigid software configuration management processes to ensure that all code is thoroughly reviewed and tested before it is released into production. 

Conclusion

No matter how secure we make our systems, there is always a chance for someone to do something which can result in dangerous data breaches.  No matter how foolproof we make a system, the better fools we create. To respond requires strategies, structures, and vigilance to combat these risks. Use password managers in combination with two-factor authentication wherever possible. Use Dark Web monitoring to monitor user behaviour and enforce password replacement when credentials are breached.

Since it is virtually impossible for your IT security departments to identify every way that users will behave that can cause weaknesses in your systems, taking a proactive approach by looking outside your networks for data can increase the likelihood that you will prevent unauthorised access before it occurs.

New call-to-action

Posted by Justine Siebke

 

Have your say...