Report: Your Biggest Cyber Security Threat is Your Own Employees
A new report says that negligent employees are the root cause of most cyber security incidents.
54% of IT professionals point the finger at negligent employees as the main cause of most cyber security issues according to a report by Keeper Security and the Ponemon Institute. The report, titled “2017 State of Cybersecurity in Small and Medium-sized Businesses,” came out on Tuesday.
The study was conducted by polling 1,000 IT professionals from small and medium-sized businesses across North America and the UK. Their responses shed light on some troubling developments, especially considering how profound an impact cyber security incidents can have on small and medium-sized businesses. According to the National Cyber Security Alliance, 60% of the SMBs that suffer a cyber attack go out of business within six months of the incident.
Per the Ponemon report, over 50% of the SMBs surveyed had experienced a ransomware attack in the past year. And, circling back to negligent employees, 79% of those attacks came as a result of phishing or some other form of social engineering.
Granted, the word “negligent” may be a little harsh considering how convincing some of these attempts are – just the other week we talked about how a college in Canada got phished for nearly $12-million after attackers pretended to be the school’s construction partner – but it is employee error that is allowing many of these attacks to succeed.
The report also found that over 61% of SMBs had been breached in the past year, up from 55% in 2016. The amount of data being stolen during breaches rose as well, from 5,079 records in 2016 to 9,350 this year.
Beyond negligent employees, many of the IT professionals surveyed voiced concerns over their companies’ password policies – or lack therof. Only 43% of those surveyed said their company had one in place.
Here are a few other key takeways:
- 50% of US companies’ data can be accessed via employees’ tablets or smartphones.
- 56% of IT professionals believe that IoT devices are their network’s most vulnerable endpoints.
- The report estimates the average price of an attack at over $1-million.
5 Ways to Determine if a Website is Fake, Fraudulent, or a Scam – 2018
in Hashing Out Cyber SecurityHow to Fix ‘ERR_SSL_PROTOCOL_ERROR’ on Google Chrome
in Everything EncryptionRe-Hashed: How to Fix SSL Connection Errors on Android Phones
in Everything EncryptionCloud Security: 5 Serious Emerging Cloud Computing Threats to Avoid
in ssl certificatesThis is what happens when your SSL certificate expires
in Everything EncryptionRe-Hashed: Troubleshoot Firefox’s “Performing TLS Handshake” Message
in Hashing Out Cyber SecurityReport it Right: AMCA got hacked – Not Quest and LabCorp
in Hashing Out Cyber SecurityRe-Hashed: How to clear HSTS settings in Chrome and Firefox
in Everything EncryptionRe-Hashed: The Difference Between SHA-1, SHA-2 and SHA-256 Hash Algorithms
in Everything EncryptionThe Difference Between Root Certificates and Intermediate Certificates
in Everything EncryptionThe difference between Encryption, Hashing and Salting
in Everything EncryptionRe-Hashed: How To Disable Firefox Insecure Password Warnings
in Hashing Out Cyber SecurityCipher Suites: Ciphers, Algorithms and Negotiating Security Settings
in Everything EncryptionThe Ultimate Hacker Movies List for December 2020
in Hashing Out Cyber Security Monthly DigestAnatomy of a Scam: Work from home for Amazon
in Hashing Out Cyber SecurityThe Top 9 Cyber Security Threats That Will Ruin Your Day
in Hashing Out Cyber SecurityHow strong is 256-bit Encryption?
in Everything EncryptionRe-Hashed: How to Trust Manually Installed Root Certificates in iOS 10.3
in Everything EncryptionHow to View SSL Certificate Details in Chrome 56
in Industry LowdownA Call To Let’s Encrypt: Stop Issuing “PayPal” Certificates
in Industry Lowdown