According to Verizon's 2023 Data Breach Investigations Report, 74% of breaches involve the human element, whether through error, misuse, stolen credentials or social engineering. That makes people the largest risk to corporate security and one of the hardest to address: everyone makes mistakes, and technical controls alone struggle to account for that.
In this article, Titan Security Europe discusses the risk of human error and examines the benefits of implementing security convergence in combating this risk.
Cybersecurity and human error
In cybersecurity, human error is an unintentional action (or inaction) by a person that leads to an unintended outcome such as a data breach. There are two main types:
- Skill-based errors: The employee knows the correct way to perform the task but, through fatigue, inattention or distraction, makes a seemingly small slip that can have a large impact.
- Decision-based errors: The employee makes a deliberate choice that results in a breach or exposure, without malicious intent, usually because of a lack of knowledge or training. Inaction counts here too; dismissing a security warning and carrying on with the task is a decision-based error.
Human error can take the following forms:
- Employee negligence: Negligence accounts for roughly 42% of human-error cyber threats and includes devices left unattended and data misused or mishandled. It is rarely intentional, but it can easily put data in the wrong hands and lead to a serious breach.
- Security weaknesses: Small and seemingly insignificant lapses such as weak passwords, accounts and devices left unlocked, and credentials left exposed can lead to compromised accounts, stolen credentials and stolen data.
These errors typically surface as:
- Phishing: Phishing is the most common attack on businesses. The attacker contacts an employee posing as a partner, customer or colleague and asks for confidential information, a payment or a login. In most cases, falling for such a message comes down to human error.
- Lost or stolen devices: Devices holding employee credentials, sensitive data and more account for 28% of human-error cyber threats. They are lost through negligence or stolen when a remote worker or commuter carrying a work device is distracted.
- Stolen employee credentials: Stolen credentials account for 33% of human-error data breaches. They are taken when written records are left where anyone can find them, or when remote employees work over an untrusted public network and expose them to attackers. Stolen credentials let outsiders into systems and data while appearing to be a legitimate employee.
Importance of security convergence
Human error can never be eliminated completely, but the likelihood of an error and the damage it does when it happens can both be reduced.
This is where security convergence comes in. Security convergence means operating physical security measures and cybersecurity measures as one system, so that each covers the gaps the other leaves.
Physical and cyber controls cover each other's blind spots. Cybersecurity protects data and systems, whether in the cloud or on premises, in ways physical security cannot; physical controls catch the errors that leave a device unattended or a door open, and many of them (locks, guards, clean-desk rules) keep working when power or connectivity fails.
In short, security convergence gives an organization layered protection: when one control is bypassed or fails, another still applies.
Security convergence in action
When implemented correctly, security convergence reduces both the likelihood and the consequences of human error and protects organizations from careless and costly mistakes.
Below are some examples of security convergence in practice.
Human error: phishing scams.
The cyber side: Multi-factor authentication should be required to sign in to email, so a phished password alone does not open the mailbox; phishing-resistant methods (FIDO2 security keys or passkeys) are preferable to one-time codes, which can themselves be phished. Inbound mail should be screened: enforce SPF, DKIM and DMARC for the company's own domains so messages spoofing an internal sender are rejected, tag mail from external senders, and flag senders whose display name matches an employee but whose address is outside the company.
The physical side: Employers should train employees regularly to recognize and report phishing, and instruct them to refer suspicious requests to a supervisor for review. Before sending sensitive data or acting on a payment change at someone's request, employees should verify the requester out of band, for example by calling back on a number already on file rather than one given in the message.
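The screening described on the cyber side above, as an added example that is not code from the original article: a small inbound-mail check that flags three common phishing tells. It assumes the company's mail domain is example.com, that the gateway writes an Authentication-Results header, and that a directory of employee names is available; the domains, employee names and the four sample messages are constructed for the demonstration.

```python
"""Added example (not the article's code): a minimal inbound mail screen for
three phishing tells. Domains, employee list and sample messages are constructed."""
import email
from email import policy
from email.utils import parseaddr

COMPANY_DOMAINS = {"example.com"}               # assumption: our own mail domains
KNOWN_EMPLOYEES = {"alice smith", "bob jones"}  # assumption: names from the directory


def _auth_results(msg):
    """Parse the gateway's Authentication-Results header into {method: result}."""
    header = str(msg.get("Authentication-Results", ""))
    results = {}
    for clause in header.split(";")[1:]:        # clause [0] is the authserv-id
        method, sep, rest = clause.strip().partition("=")
        if sep and rest.split():
            results[method.strip().lower()] = rest.split()[0].lower()
    return results


def _edit_distance(a, b):
    """Levenshtein distance, used to spot one-character lookalike domains."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def screen(raw_message):
    """Return a list of findings for one RFC 5322 message (empty list = no tells)."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    display, addr = parseaddr(str(msg.get("From", "")))
    domain = addr.rsplit("@", 1)[-1].lower()
    findings = []
    if domain in COMPANY_DOMAINS:
        # Claims to be one of us: our own gateway must have seen DMARC pass,
        # otherwise the internal-looking From: header is spoofed.
        if _auth_results(msg).get("dmarc") != "pass":
            findings.append("spoofed-internal-sender")
    else:
        # External address wearing a colleague's name in the display name.
        if display.strip().lower() in KNOWN_EMPLOYEES:
            findings.append("display-name-impersonation")
        # Domain one edit away from ours (examp1e.com, exampl.com, ...).
        for ours in COMPANY_DOMAINS:
            if _edit_distance(domain, ours) == 1:
                findings.append("lookalike-domain:" + domain)
    return findings


# Constructed sample messages (not real traffic). '.invalid' is a reserved TLD.
LEGIT = """\
Authentication-Results: mx.example.com; spf=pass smtp.mailfrom=example.com; dkim=pass header.d=example.com; dmarc=pass header.from=example.com
From: "Bob Jones" <bob.jones@example.com>
To: alice.smith@example.com
Subject: Q3 figures

Attached as discussed.
"""

SPOOFED = """\
Authentication-Results: mx.example.com; spf=fail smtp.mailfrom=bulk-sender.invalid; dkim=none; dmarc=fail header.from=example.com
From: "Bob Jones" <bob.jones@example.com>
To: alice.smith@example.com
Subject: Urgent: payment details

Please update the supplier bank account today.
"""

IMPERSONATION = """\
From: "Bob Jones" <bob.jones@webmail.invalid>
To: alice.smith@example.com
Subject: Quick favour

Are you at your desk? I need gift cards for a client.
"""

LOOKALIKE = """\
From: "IT Support" <helpdesk@examp1e.com>
To: alice.smith@example.com
Subject: Password expiry

Sign in here to keep your account.
"""

if __name__ == "__main__":
    for name, sample in [("LEGIT", LEGIT), ("SPOOFED", SPOOFED),
                         ("IMPERSONATION", IMPERSONATION), ("LOOKALIKE", LOOKALIKE)]:
        print(name, screen(sample))
```

The first check is the one that matters most: a mail that carries the company's own domain in From: must also carry a DMARC pass from the company's own gateway, so the check only makes sense behind a gateway that strips any Authentication-Results header arriving from outside. The lookalike check uses an edit distance of exactly one to keep false positives low; a production filter would add a curated list of registered lookalikes and homoglyph normalisation.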
Human error: employee negligence.
The cyber side: Devices should lock automatically after a few minutes of inactivity and require a password, PIN or biometric to unlock. Full-disk encryption should protect every device that holds sensitive data, with the decryption key released only on successful login (ideally bound to a TPM or similar hardware), so that data cannot be read from an unattended or stolen machine. Passwords should be long and unique; in line with current NIST guidance (SP 800-63B) they should be changed when compromise is suspected rather than on a fixed schedule, since forced frequent rotation pushes people toward weaker, predictable variants.
The physical side: Video surveillance should cover the building and be monitored continuously so that someone seen using a device that is not theirs can be challenged. Security staff at the main reception should check the identity of everyone entering and keep unauthorized people out.
Human error: stolen credentials.
The cyber side: MFA ensures that credentials alone are not enough to reach an account, system or data. Someone who obtains an employee's password still needs the second factor, such as a code from the employee's phone, a hardware key or the employee's biometric. Note the limits: one-time codes can be phished in real time and push prompts can be approved by a tired user, so prefer phishing-resistant factors and use number matching and rate limits on push approvals.
The physical side: Apply zero trust principles so that a credential grants access only to what its holder needs, and force a password reset as soon as a credential is suspected of exposure. Run security awareness programmes on the dangers of leaving credentials where anyone can see them. Employees should be discouraged from writing login details in notebooks or on paper, and anything written down must never be left on desks or in public spaces.
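The cyber side above says a stolen password is not enough on its own when MFA is in place. As an added example that is not code from the original article, the following login check evaluates both factors and refuses a code that has already been accepted, so a password lifted from a notebook, or a one-time code replayed from a phished session, does not get in. The TOTP arithmetic follows RFC 6238 (HMAC-SHA1, 30-second steps, 6 digits); the user, password, secret and timestamps are constructed for the demonstration.

```python
"""Added example (not the article's code): password-plus-TOTP login in which
neither factor alone is sufficient and each code is accepted at most once."""
import hashlib
import hmac
import os
import struct
import time

STEP = 30          # RFC 6238 time step in seconds
DIGITS = 6
PBKDF2_ROUNDS = 100_000


def totp(secret: bytes, at: int, step: int = STEP, digits: int = DIGITS) -> str:
    """RFC 6238 TOTP: HOTP (RFC 4226) over the time-step counter."""
    counter = int(at) // step
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % (10 ** digits)).zfill(digits)


class Authenticator:
    """Toy user store: salted PBKDF2 password hashes plus a per-user TOTP secret."""

    def __init__(self):
        self._users = {}   # name -> (salt, password hash, totp secret)
        self._used = {}    # name -> highest time-step counter already accepted

    def enroll(self, name: str, password: str, secret: bytes) -> None:
        salt = os.urandom(16)
        pw_hash = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
        self._users[name] = (salt, pw_hash, secret)

    def login(self, name: str, password: str, code: str, now=None) -> bool:
        rec = self._users.get(name)
        if rec is None:
            return False
        salt, pw_hash, secret = rec
        candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
        password_ok = hmac.compare_digest(candidate, pw_hash)

        now = int(time.time()) if now is None else int(now)
        counter = now // STEP
        matched = None
        # Exact step first, then one step either side to tolerate clock skew.
        for drift in (0, -1, 1):
            expected = totp(secret, (counter + drift) * STEP).encode()
            if hmac.compare_digest(expected, code.encode()):
                matched = counter + drift
                break
        # A code is single-use: reject anything at or before the last accepted step.
        code_ok = matched is not None and matched > self._used.get(name, -1)

        # Both factors are evaluated before deciding, so a missing code gives the
        # attacker no signal about whether the password was right.
        if password_ok and code_ok:
            self._used[name] = matched
            return True
        return False


if __name__ == "__main__":
    # Constructed walk-through: the RFC 6238 reference secret and a fixed clock.
    secret = b"12345678901234567890"
    auth = Authenticator()
    auth.enroll("alice", "correct horse battery", secret)
    t = 1_700_000_000
    code = totp(secret, t)
    print("password only:      ", auth.login("alice", "correct horse battery", "", now=t))
    print("password + code:    ", auth.login("alice", "correct horse battery", code, now=t))
    print("same code replayed: ", auth.login("alice", "correct horse battery", code, now=t))
    print("stolen code, no pw: ", auth.login("alice", "guess", totp(secret, t + 30), now=t + 30))
```

The replay check is what turns a time-based code into a single-use one: an attacker who phishes a valid code and submits it after the victim has already logged in is refused, although one who submits it before the victim still gets in, which is the residual risk the text's preference for phishing-resistant factors addresses.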
Human error: lost or stolen devices.
The cyber side: Data on company devices should be protected by full-disk encryption and a strong unlock secret; a firewall protects the device on a network, not its stored data once the device is in someone else's hands. Devices should be enrolled in mobile device management so they can be located and remotely wiped, and configured to wipe themselves after a set number of incorrect unlock attempts.
The physical side: In the office, devices should stay at the employee's workstation and be used only there. When employees leave the office, devices should be handed over to security staff, who issue them only to registered employees. Remote workers should be given separate laptops and phones for work so that company data is not mixed with personal devices.
Conclusion
The inevitability and unpredictability of human error is what makes it such a large risk to organizational security. No cyber control on its own can prevent every accidental click or careless loss.
Security convergence reduces the chance that human error turns into a costly loss. Running physical and cyber systems together covers blind spots, allows intervention while an incident is in progress, and provides a last line of defence that cybersecurity alone struggles to offer.