An important part of the experience of being human is making mistakes. It’s how we learn and grow; but, in the world of cyber security, human mistakes can be costly. According to an IBM study, 95% of cyber security breaches are caused by human error.
What Causes Human Error?
Many factors contribute to human error, but most of them are attributable to these three issues:
- Environment: physical environment contributes to errors, including comfort, temperature, privacy, and noise level.
- Culture: errors are more likely in a culture where shortcuts are routine, security is an afterthought, and communication is lacking.
- Lack of awareness: a lack of knowledge is a big factor in human error.
How Does Human Error Affect Cyber Security?
Human error refers to unintentional acts by employees or other users that allow a breach to occur. Here are the types of errors that occur most frequently in leading to cyber security breaches:
- Inadequate access control: granting extensive network access to too many employees expands the possible access points, making cybercrime attacks easier for criminals.
- Misdirected emails: 58% of employees have emailed the wrong person at work. While this is usually just an embarrassment, these errors can also lead to thefts and data loss.
- Patching delays: when software vulnerabilities are discovered, patches are released to fix the problem. Failure to apply patches in a timely manner leaves the network exposed to cybercriminals.
- Poor password security: passwords should be the first line of cyber defense, but 61% of breaches result from compromised user credentials. Common password problems include the following:
- Keeping the same password for an extended time
- Reusing the password on multiple sites
- Using an easy or common password
- Writing down or sharing passwords
How Do You Minimize Data Breaches Caused by Human Error?
There are a number of steps that can be taken to minimize opportunities for human error and improve your level of cyber security; here are a few:
- Change the culture: build a security-minded culture by encouraging discussion, facilitating Q&A sessions, and posting reminders and tips in plain view. Investing in cyber liability insurance also sends a strong message about prioritizing cyber security.
- Implement privilege control: limit employee access to the critical elements of their job.
- Strengthen password management: utilize applications to generate and store strong passwords to eliminate simple passwords or the risk of writing them down. Two-factor authentication provides an extra layer of protection.
- Provide training: relevant and engaging training for all employees on core cyber security issues will help reduce errors.
Human error will probably never be fully eliminated, but by investing in cyber liability insurance and making a small reduction in human error, your business can make big strides to prevent significant losses due to cybercrime.
About Haughn & Associates
Founded by Michael Haughn in 1986, Haughn & Associates is a full-service, family-owned, independent insurance agency based out of Dublin, Ohio. H&A strives to provide the best possible price and unique insurance solutions across a myriad of industries, including construction, IT, Habitation & Commercial Property, Agriculture, and Engineering. Devoted to providing the best of business insurance, life and disability insurance, personal insurance, employee benefits, and bonds, H&A is proof that success lies in long-standing client relations and satisfaction. To learn more about how H&A can be of service to you, contact us at (877) 802-2278.