90% Of Breaches Are Caused By Human Error

Uploaded on 2020-03-10 in TECHNOLOGY--Resilience, NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

Human error caused 90% of cyber data breaches in 2019, according to  analysis of data from the UK Information Commissioner’s Office (ICO) carried out by CybSafe. According to their analysis, nine out of 10 of the 2376 cyber-breaches reported to the ICO last year were caused by mistakes made by end-users.

This is a significant increase from the previous two years, when 61% and 87% of cyber-breaches were ascribed to user error in 2017 and 2018 respectively.

CybSafe cited phishing as the primary cause of breaches in 2019, accounting for 45% of all reports to the ICO. ‘Unauthorised Access’ was the next most common cause of cyber-breaches in 2019, with reports relating to malware or ransomware, hardware/software misconfiguration and brute force password attacks also noted.... As this analysis shows, it’s almost always human error that enables attackers to access encrypted channels and sensitive information" siad Oz Alashe, CEO of CybSafe.

Security Incidents In Public Cloud Infrastructure

The cloud has enabled businesses to improve the agility of their IT infrastructure and the reliability of their services as well as increase their ability to deliver new products and services faster. As many organisations are digitising their operations, the popularity of the cloud has risen rapidly amongst both enterprises and small to medium-sized businesses (SMEs).

A recent report from Kaspersky Lab has revealed that security incidents in public cloud infrastructure are more likely to occur as a result of a customer's employees rather than by actions carried out by cloud providers.

According to Kaspersky's research, over a third of both SMB and enterprise companies are concerned about incidents affecting IT infrastructure hosted by a third party which could make the benefits of cloud redundant and carry commercial and reputational risks.

CybSafe:         Kaspersky:       Infosecurity Magazine:       CTOVision:      TechRadar:      

You Might Also Read:

Creating A Cyber Incident Response Policy:




 

« Russia Denies That It Attacked Georgia
Cyber Security Warnings For US 2020 Election »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

authen2cate

authen2cate

Authen2cate offers a simple way to provide application access with our Identity and Access Management (IAM) solutions for enterprise, small business, and individual customers alike.

Montash

Montash

Montash is an award winning, global technology recruitment business, specialising in the acquisitions of high-performing talent across a number of core disciplines including Information Security.

Cysec Resource Co (CRC)

Cysec Resource Co (CRC)

We offer expertise in information and cyber security, sourcing individuals and teams who provide information security expertise to the public and private sector.

Information Security Research Group - University of South Wales

Information Security Research Group - University of South Wales

The Information Security Research Group has an international reputation in the areas of network security, computer forensics and threat analysis.

Security Brigade

Security Brigade

Security Brigade is an information security firm specializing in Penetration Testing, Vulnerability Assessment, Web-application Security and Source Code Security Audit.

Zentera Systems

Zentera Systems

Zentera's CoIP (Cloud over IP) solution offers enterprise-grade networking and security for the emerging cloud ecosystem.

Bugcrowd

Bugcrowd

As leaders in crowdsourced security testing, Bugcrowd connects companies and their applications to a crowd of tens of thousands of security researchers to identify critical software vulnerabilities.

United Biometrics

United Biometrics

United Biometrics is an anonymous and real-time authentication platform designed to stop the fraud for mobile payments, e-Commerce and applications.

CYRail

CYRail

CYRail project will analyse threats targeting Railway infrastructures and develop innovative attack detection and alerting techniques.

Secure Ideas

Secure Ideas

Secure Ideas is focused on penetration testing and application security including web applications, web services and mobile applications.

Network Intelligence

Network Intelligence

Network Intelligence delivers a comprehensive suite of AI-powered cybersecurity solutions built on the ADVISE framework.

Protected Media

Protected Media

Protected Media’s advanced cybersecurity ad fraud solution guards you against current and emerging threats across Connected TV, Display and Video advertising.

CyberMaxx

CyberMaxx

At CyberMaxx, our approach to cybersecurity provides end-to-end coverage for our customers – we use offense to fuel defense.

Scality

Scality

Scality storage unifies data management from edge to core to cloud. Our market-leading file and object storage software protects data on-premises and in hybrid and multi-cloud environments.

Scytale

Scytale

Scytale is the global leader in security compliance automation, helping companies get compliant and stay compliant.

C3iHub

C3iHub

C3iHub was set up to drive technology and skills development on Cyber-Physical Systems (CPS) and associated Cybersecurity technologies.