The cybersecurity market offers excellent solutions and services to combat the threats that are exploited by cybercriminals. However, are these tools enough to fully protect an organization? It is clear that human error is a strong attack vector for many popular cybercrimes, so the best way to augment any security program is to create a cyber-aware workforce. After all, with the correct training and education, the front-line staff can become one of the most effective allies in preventing an attack.
The Human Cyber Risk
According to the most recent Verizon Data Breach Investigations Report (DBIR), 85% of cyberattacks are the result of human error. This could involve a variety of interactions from clicking malicious links to sharing passwords or accidentally deleting files or data.
In a workplace, employees often juggle many different things at once, trying to meet deadlines, reply to emails, and take multiple phone calls. In this kind of high-stress environment, it’s easy to see how mistakes happen. All it takes is letting your guard down for one moment, which is exactly what cybercriminals are hoping for. What’s more, there are many activities that employees will participate in without even realizing they are increasing the cyber risk for that business. These activities include sharing passwords or sharing information in an unsecure way.
One of the most common security factors that employees contribute to is the improper protection of passwords. A business can have all the security defenses in the world, but one weak password can be just what a criminal needs in order to gain access to a corporate account or network. Cybercriminals know that human error is a reliable attack technique, so weak passwords are usually their best way in. In fact, the 2020 DBIR indicated that 80% of hacking related breaches involved stolen passwords (Read more...)
*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Tripwire Guest Authors. Read the original post at: https://www.tripwire.com/state-of-security/security-data-protection/cyber-security/protect-your-organization-by-cultivating-a-culture-of-cybersecurity-awareness/