Human error causes eight out of 10 data breaches
A total of 2,692 reports were sent to the ICO last year, 80% of which could be attributed to actions taken by end users, although this figure is down from 90% in 2020.
Oz Alashe, CEO of CybSafe, says:
As identified in the analysis, human error is a major contributing factor allowing attackers to gain access to sensitive information and encrypted channels within organizations. Cybercriminals will often identify the path of least resistance and exploit employee vulnerabilities. Therefore, it is crucial that we focus on user security behaviors within our companies.
To combat the threat of cybersecurity breaches, we need to get rid of tick-box awareness exercises and address the human side of cybersecurity to achieve real behavior change. An empathetic and understanding approach is likely to have the desired outcome of improving employee safety awareness and behavior, without negative consequences.
Addressing this issue is key to reducing successful attacks against organizations. People have an important role to play in helping to protect the companies they work for, and human cyber risk can almost always be significantly reduced by encouraging changes in staff awareness, behavior and culture.
Phishing was the top cause of breaches in 2021, accounting for 29% of all reports, but again this is down from 2020, when almost 38% of breach reports were submitted to the ICO following successful phishing attacks.
Last year, ransomware became the second most common cause of cyber breaches. Causing 20 percent of all incidents, with 692 reported during the year.
You can learn more about the human element of cybersecurity on the CybSafe website.