Human error still causes preventable incidents

When data breaches occur, they impact the whole organization – not just the IT or information security departments. All employees have a part to play when it comes to information security and mitigating risks.

Verizon’s 2018 Data Breach Investigations Report found that of the 2,216 confirmed data breaches, 17% occurred because of human error. These errors include sending an email to the incorrect recipient and failing to shred confidential documents, which are preventable incidents that could prove costly.

Key findings:

  • 68% of data breaches went undiscovered for months or more
  • On average, 4% of people targeted in a phishing campaign will click. More worryingly, if someone has clicked before, they are likely to click again
  • 56% of incidents within the health care industry were caused by insider threats. This is the only industry where insider threats were greater than external. Of those incidents, 35% were caused by human error and 24% because staff misused their system access

It is apparent from the findings that human error is a problem that needs to be addressed.

Take action

Don’t let your staff be your point of failure. Educate them so that the risks can be mitigated. Even basic training goes a long way to preventing future security incidents.

Staff awareness training can help combat insider threats by ensuring that staff who have access to sensitive data have the correct knowledge and an understanding of information security, as well as being aware of the consequences and risks.

If your staff don’t take responsibility for their actions, your organization places itself in a more vulnerable position. Training, tools, and thought-provoking activities can make your staff aware of the cyber risks they face every day, and suggest actions and procedures to minimize those risks.

E-learning courses emphasize the importance of compliance and security, helping staff develop good habits, and increase their knowledge. This hassle-free and cost-effective option is a flexible way of delivering training to large numbers of employees.

A mix of training and awareness methods will help you enforce your messages. Take a look at our other staff awareness solutions here >>

The Information Security Staff Awareness eLearning Course is in the #BreachReady summer sale. Take advantage now >>