Report: Your Biggest Cyber Security Threat is Your Own Employees
A new report says that negligent employees are the root cause of most cyber security incidents.
54% of IT professionals point the finger at negligent employees as the main cause of most cyber security issues according to a report by Keeper Security and the Ponemon Institute. The report, titled “2017 State of Cybersecurity in Small and Medium-sized Businesses,” came out on Tuesday.
The study was conducted by polling 1,000 IT professionals from small and medium-sized businesses across North America and the UK. Their responses shed light on some troubling developments, especially considering how profound an impact cyber security incidents can have on small and medium-sized businesses. According to the National Cyber Security Alliance, 60% of the SMBs that suffer a cyber attack go out of business within six months of the incident.
Per the Ponemon report, over 50% of the SMBs surveyed had experienced a ransomware attack in the past year. And, circling back to negligent employees, 79% of those attacks came as a result of phishing or some other form of social engineering.
Granted, the word “negligent” may be a little harsh considering how convincing some of these attempts are – just the other week we talked about how a college in Canada got phished for nearly $12-million after attackers pretended to be the school’s construction partner – but it is employee error that is allowing many of these attacks to succeed.
The report also found that over 61% of SMBs had been breached in the past year, up from 55% in 2016. The amount of data being stolen during breaches rose as well, from 5,079 records in 2016 to 9,350 this year.
Beyond negligent employees, many of the IT professionals surveyed voiced concerns over their companies’ password policies – or lack therof. Only 43% of those surveyed said their company had one in place.
Here are a few other key takeways:
- 50% of US companies’ data can be accessed via employees’ tablets or smartphones.
- 56% of IT professionals believe that IoT devices are their network’s most vulnerable endpoints.
- The report estimates the average price of an attack at over $1-million.
5 Ways to Determine if a Website is Fake, Fraudulent, or a Scam – 2018in Hashing Out Cyber Security
How to Fix ‘ERR_SSL_PROTOCOL_ERROR’ on Google Chromein Everything Encryption
Re-Hashed: How to Fix SSL Connection Errors on Android Phonesin Everything Encryption
Cloud Security: 5 Serious Emerging Cloud Computing Threats to Avoidin ssl certificates
This is what happens when your SSL certificate expiresin Everything Encryption
Re-Hashed: Troubleshoot Firefox’s “Performing TLS Handshake” Messagein Hashing Out Cyber Security
Report it Right: AMCA got hacked – Not Quest and LabCorpin Hashing Out Cyber Security
Re-Hashed: How to clear HSTS settings in Chrome and Firefoxin Everything Encryption
Re-Hashed: The Difference Between SHA-1, SHA-2 and SHA-256 Hash Algorithmsin Everything Encryption
The Difference Between Root Certificates and Intermediate Certificatesin Everything Encryption
The difference between Encryption, Hashing and Saltingin Everything Encryption
Re-Hashed: How To Disable Firefox Insecure Password Warningsin Hashing Out Cyber Security
Cipher Suites: Ciphers, Algorithms and Negotiating Security Settingsin Everything Encryption
The Ultimate Hacker Movies List for December 2020in Hashing Out Cyber Security Monthly Digest
Anatomy of a Scam: Work from home for Amazonin Hashing Out Cyber Security
The Top 9 Cyber Security Threats That Will Ruin Your Dayin Hashing Out Cyber Security
How strong is 256-bit Encryption?in Everything Encryption
Re-Hashed: How to Trust Manually Installed Root Certificates in iOS 10.3in Everything Encryption
How to View SSL Certificate Details in Chrome 56in Industry Lowdown
PayPal Phishing Certificates Far More Prevalent Than Previously Thoughtin Industry Lowdown