90% Of Breaches Are Caused By Human Error

Uploaded on 2020-03-10 in TECHNOLOGY--Resilience, NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

Human error caused 90% of cyber data breaches in 2019, according to  analysis of data from the UK Information Commissioner’s Office (ICO) carried out by CybSafe. According to their analysis, nine out of 10 of the 2376 cyber-breaches reported to the ICO last year were caused by mistakes made by end-users.

This is a significant increase from the previous two years, when 61% and 87% of cyber-breaches were ascribed to user error in 2017 and 2018 respectively.

CybSafe cited phishing as the primary cause of breaches in 2019, accounting for 45% of all reports to the ICO. ‘Unauthorised Access’ was the next most common cause of cyber-breaches in 2019, with reports relating to malware or ransomware, hardware/software misconfiguration and brute force password attacks also noted.... As this analysis shows, it’s almost always human error that enables attackers to access encrypted channels and sensitive information" siad Oz Alashe, CEO of CybSafe.

Security Incidents In Public Cloud Infrastructure

The cloud has enabled businesses to improve the agility of their IT infrastructure and the reliability of their services as well as increase their ability to deliver new products and services faster. As many organisations are digitising their operations, the popularity of the cloud has risen rapidly amongst both enterprises and small to medium-sized businesses (SMEs).

A recent report from Kaspersky Lab has revealed that security incidents in public cloud infrastructure are more likely to occur as a result of a customer's employees rather than by actions carried out by cloud providers.

According to Kaspersky's research, over a third of both SMB and enterprise companies are concerned about incidents affecting IT infrastructure hosted by a third party which could make the benefits of cloud redundant and carry commercial and reputational risks.

CybSafe:         Kaspersky:       Infosecurity Magazine:       CTOVision:      TechRadar:      

You Might Also Read:

Creating A Cyber Incident Response Policy:




 

« Russia Denies That It Attacked Georgia
Cyber Security Warnings For US 2020 Election »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

CSO

CSO

CSO serves enterprise security decision-makers and users with the critical information they need to stay ahead of evolving threats and defend against criminal cyberattacks.

Cloud Foundry Foundation (CFF)

Cloud Foundry Foundation (CFF)

Cloud Foundry supports the full application development lifecycle, from inception, through all testing stages, to deployment.

Assured Data Protection

Assured Data Protection

Assured Data Protection specialises in data protection and disaster recovery services for large SME and enterprise organisations.

SISA

SISA

SISA is a payment security specialist providing payment security assurance services, training and products to over 1,000 customers across the globe.

Executive Women's Forum (EWF)

Executive Women's Forum (EWF)

The Executive Women's Forum is the largest member organization serving emerging leaders and influential female executives in the Information Security, Risk Management and Privacy industries.

OneVisage

OneVisage

Our award-winning 3DAuth digital identity platform turns any consumer mobile device into a real-time 3D facial scanner that securely authenticates the user in seconds.

Digital Transformation EXPO (DTX)

Digital Transformation EXPO (DTX)

Digital Transformation EXPO showcases the latest technology and insight from the world’s leading brands and experts in DX.

ANSI National Accreditation Board (ANAB)

ANSI National Accreditation Board (ANAB)

ANAB is the largest accreditation body in North America. The directory of members provides details of organisations offering certification services for cybersecurity related standards.

Hut Six Security

Hut Six Security

Train, test and track your Information Security culture through information security awareness training and customised phishing simulation campaigns.

CyberKnight Technologies

CyberKnight Technologies

CyberKnight Technologies is a cybersecurity focused value-added-distributor (VAD) headquartered in Dubai and covering the Middle East.

CybX Security LLC

CybX Security LLC

CybX is the first company of its kind to merge the practice of computer forensics with computer security and information security.

OWN

OWN

OWN (formerly SEKOIA) is a major French player in cybersecurity providing tailor-made, informed and adapted cyber support thanks to its DNA of passionate and committed experts.

NightDragon

NightDragon

NightDragon is a venture capital firm investing in innovative growth and late stage companies within the cybersecurity, safety, security, and privacy industry.

OpsHelm

OpsHelm

OpsHelm provides a Software-as-a-Service solution to help businesses ensure that all of their cloud environments have their security bases covered.

Cyber Octet

Cyber Octet

Cyber Octet is an IT Solution, Security, Training and Services company. We provide training and services from Web Application Security to ISO 27001 implementation.

Sev1Tech

Sev1Tech

Sev1Tech is a leading provider of IT modernization, cloud, cybersecurity, engineering, fielding, training, and program support services.