The Human Element in Cyber Security

Cyber criminals are quickly discovering that the most effective way to hack a company is via people – not systems.

New reports show that human error accounts for 95% of all cyber incidents.

This figure shows how important cyber security training is for both employees and business owners.

How is this figure so high?

Human error in cyber security can manifest through various actions, each potentially leading to a significant breach. Understanding these can help small businesses and sole traders implement strategies to mitigate risks effectively:

  1. Poor Password Hygiene: Employing simple or predictable passwords, or reusing the same password across different accounts, can significantly lower the barrier for attackers seeking access to confidential data.
  2. Phishing Scams: Succumbing to phishing attempts that mimic legitimate communications can lead to unintentional disclosure of sensitive information or the inadvertent installation of malware.
  3. Mismanagement of Access: Granting unnecessary access to critical systems, or failing to revoke such access from former employees, can open up exploitable vulnerabilities within your network.
  4. Unsecured Personal Devices: Utilising personal devices for business without adequate security measures can inadvertently provide cyber criminals with a pathway into your organisation’s network.
  5. Neglecting Software Updates: Overlooking the importance of regular software updates leaves outdated systems vulnerable to attacks that exploit known security flaws.
  6. Accidental Disclosure: Mistakenly sending sensitive information to the wrong recipient, be it through email or other communication channels, can expose critical data to unintended parties.
  7. Improper Data Handling: Inadequate protection or careless handling of physical devices containing sensitive information, such as USB drives or laptops, can result in data loss or theft.
  8. Insecure Wi-Fi Use: Connecting to unsecured or public Wi-Fi networks without proper safeguards can allow attackers to intercept sensitive information transmitted over these networks.
  9. Lack of Security Awareness: A fundamental misunderstanding or lack of awareness about cyber security best practices among employees can lead to risky behaviours that compromise security.

