Human error causes the worst security breaches

More than 300 executives surveyed to determine the frequency and severity of people-centric data breaches.

  • 3 years ago Posted in
Proofpoint has announced the availability of a new survey from The Economist Intelligence Unit to help organizations gauge the frequency and severity of people-centric data breaches, and the steps companies are taking to address them. The study, entitled “Cyber Insecurity: Managing Threats From Within,” surveyed more than 300 corporate executives, including CIOs and CISOs, from North America, Europe, and Asia/Pacific. Respondents overwhelmingly identified people-centric threats as the cause for the most detrimental cybersecurity breaches, which include socially-engineered attacks and human errors, rather than failure of technology or process.

“More than 99 percent of targeted cyberattacks depend on human interaction to be successful,” said Ryan Kalember, executive vice president of Cybersecurity Strategy for Proofpoint. “The Economist Intelligence Unit findings reinforce just how important it is for organizations to take a people-centric approach to their security strategy. Security teams need to know exactly who within their organization is being targeted and why—and educate their people on best security practices. Cybersecurity has clearly evolved into a human challenge as much as a technical challenge.”

The Economist Intelligence Unit findings highlight how more than 300 respondents are addressing today’s top threats, the major obstacles that impede implementing best practices, and how organizations are moving forward. Key insights include:

·The majority of executives surveyed (85%) agree that human vulnerabilities cause the most detrimental cybersecurity breaches rather than failure of technology or process.

·Eighty-six percent of executives surveyed have experienced at least one data breach in the past three years, with well over half (60%) having experienced at least four.

·Nearly half (47%) say it’s very or extremely likely that they will face a major data breach in the next three years. Only 56% of healthcare executives are confident their organization can prevent, detect or respond to a data breach.

·The top three ways a data breach disrupted their businesses include: loss of revenue (33%), especially at large companies (38%); loss of clients (30%); and termination of staff involved (30%).

·91 percent agree that their organization needs to better understand which cybersecurity measures work best—their focus needs to shift from quantity to quality. Almost all respondents (96%) say the board and C-suite strongly support efforts to control cybersecurity risks and 93% say the board and C-suite are regularly updated on cybersecurity risks.

·Addressing data breaches at the organizational level and alternating human behavior within the organization are critical steps to mitigating data breaches. 82% agree that data breach risk is an essential C-suite priority.

Research shows ‘game needs to be changed,’ with security innovation years behind that of the attackers, the board a decade behind security discussions and regulation needing more industry input.
73% of organizations lack automated patch management, and 62% experienced incidents involving exploitation of a vulnerability for which a patch was available but had not yet been deployed.
Quest Software has signed a definitive agreement with Clearlake Capital Group, L.P. (together with certain of its affiliates, “Clearlake”) to acquire the Company from Francisco Partners. Patrick Nichols, current CEO of Quest, will continue to lead the Company supported by the existing executive management team. Upon closing of the transaction, Clearlake will become the majority shareholder in Quest. The terms of the transaction were not disclosed.
Dell EMC PowerProtect Cyber Recovery for AWS provides a fast, easy-to-deploy public cloud vault to help secure, isolate and recover data from a ransomware attack.
Aqua’s cloud native application protection platform becomes the only solution that protects cloud applications, their code, and their CI/CD infrastructure.
54% of organisations working on a security transformation project now or in the next 12 months.
Node4 has released its Mid-Market IT Priorities Report 2021. The independent report reveals that the UK’s Mid-Market IT Leadership expects to see a shortfall in IT spend in 2022. While 52% of IT decision-makers believe their 2021 budget met the ambitions of their team, there seems to be less certainty and confidence about future finances — 61% think their budget will need to increase in 2022, but only 13% expect it to.
Zscaler Zero Trust exchange cloud-based architecture enables superior green security capabilities compared to legacy on-premises hardware and appliance-based models.