The Cyber Security Threat From Employees

One of the biggest threats to cyber security in any organisation comes from its employees, even if they aren’t behaving maliciously. We all make mistakes. We are only human, after all. Unfortunately, when it comes to cyber security, that’s also kind of the problem. The human factors in cyber security are one of the biggest challenge when building an effective threat prevention strategy.

Human error is the leading cause of data and security breaches, responsible for over 90 percent of such incidents as they are not predicable, whereas technology and computers are predictable. 

Computer systems and tech related appliances will conduct the exact task they have been coded to perform. They have no free will nor will they apply their own decisions. They cannot interpret the orders given to them depending on whether they make sense, or, if they are ethical or not. Therefore, they are reliable.

On the other-hand people are weak in security awareness and governed by emotions, characteristic traits, personal views and ideologies that dictate their actions each day. 

Furthermore, they are manipulated by persuasion or curiosity and are susceptible to everyday mood changes. People are the weak link between an intruder and security and their behavior can lead to exploitation. Cyber-crime is solely human related and security is a people problem. 

Three reasons explain why technology and security are inter-correlated with humans. 

  • Firstly, people are in control of systems and technology, not the other way around. 
  • Secondly, people have monetary or data gains from exploiting it. 
  • Thirdly, there are victims that provide an easy target for malicious behavior. 

As a consequence, even though security tools and software are rapidly adapting to new complex threats, the threats are also changing to overcome the new barriers. Humans are adaptable and innovative and they can interpret instructions. Common mistakes from individuals can answer the question why is ransomware and other threats still spreading.

In order for any type of malware to run in a computer it has to be executed by a user. Firstly, it has to be downloaded and secondly, it has to ask for permission to run in the system. 

Both actions require a human to authorise them, whether the user knows what he or she is downloading. For that matter we need to make a clear distinction between intentional and thus malicious user and unintentional or naive user. Malicious users mainly exist inside organisations and companies that employ them.

The malicious insider usually possesses some level of technical skills and has a deeper motive behind his actions, namely, revenge for his mistreatment by a company or dissatisfaction for his salary. These attacks are specific and offer insight on the attacker himself. However interesting, the main issue at hand are everyday users who lack knowledge and motivation to adapt with technology. These users, named unintentional insiders, are the main issue that shed light to the human factor in the majority of ransomware attacks.

Ignorance is a key concept present in many cases of users. More often than not this will lead to accidental downloads of files the user doesn’t recognise or knows what they are. The failure to identify them makes the user curious as to what they are or if they are useful. 

Furthermore, the attack may seem like an official site or file that asks the user to download it and run it. In similar tests about Phishing e-mails, which are categorised as social attacks. Humans believe that such threats and attacks don’t involve them and would never happen. This leads to behavioral patterns like using simple passwords to access the system or even the same password for various systems.

Often an attack will be caused by a current or former employee, contractor, or business partner who has or had authorised access to an organisation’s network, system, or data and intentionally exceeded or misused that access in a manner that negatively affected the confidentiality, integrity, or availability of the organisation’s information or information systems. 

When security incidents happen at a business, it’s important that employees are on hand to either spot the breach, or mitigate the risks. After all, while employees can pose a risk to companies (as seen in our findings thus far), they also have an important role to play in helping protect the companies they work for. However, employees don’t always take action when their company is hit by a security incident. In fact, in 40% of businesses around the world, employees hide an incident when it happens.

Technology is always changing and adapting, following the speedy evolution of systems, while users may fall behind. Hard to use new technologies that are introduced without firstly slowly introducing the changes can cause confusion to users, especially when they are not experts to the field.

Small and medium businesses are being targeted by cyber criminals much more frequently than individuals and they often end up paying ransomware to the hackers.

Organisations often bury the incident and do not report the attack. The dark number of ransomware attacks is such due to the fact that admitting it means the organisation or business lacked security procedures and placed their client’s data at risk. In the worst case scenario, the decryption key provided by the attacker is false and will not unlock the infected system, forcing the victim to report the crime.

In order to overcome these potential deficiencies organisations should implement a wide variety of training schemes in an attempt to educate end-users and we recommend GoCyber as a training package to test as it really engages and improves employees and managements cyber security.

Vircom:        NIST:       Kaspersky:      Dark Reading:         iCIO:          ResearchGate:       Semantic Scholar

You  Might Also Read:

Every Single Employee Requires Cyber Security Training:

 

« China's Surveillance State Extends Beyond Its Borders
Unicorn Hacked By ShinyHunters »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Free Access: Cyber Security Supplier Directory listing 5,000+ specialist service providers.

BackupVault

BackupVault

BackupVault is a leading provider of completely automatic, fully encrypted online, cloud backup.

Cylance Smart Antivirus

Cylance Smart Antivirus

An antivirus that works smarter, not harder, from BlackBerry. Lightweight, non-intrusive protection powered by artificial intelligence. BUY NOW - LIMITED DISCOUNT OFFER.

Clayden Law

Clayden Law

Clayden Law are experts in information technology, data privacy and cybersecurity law.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Tigera

Tigera

Tigera provides zero-trust network security and continuous compliance for Kubernetes platforms that enables enterprises to meet their security and compliance requirements.

Sky Data Vault

Sky Data Vault

Sky Data Vault provide the simplest and most cost effective method of Disaster Recovery / Business Continuity for mission critical systems and applications.

Vector Informatik

Vector Informatik

Vector Informatik is a specialist in automotove electronics and provides services, embedded software and tools for securing embedded systems against cyber-attacks.

InfoLock

InfoLock

Infolock are experts in data governance, providing consulting and advisory services that help organizations effectively secure, manage, and optimize their data.

oneclick

oneclick

oneclick is a central access and distribution platform in the cloud, enabling the management of the entire technology stack for application provisioning.

CybrHawk

CybrHawk

CybrHawk is a leading provider of information security-driven risk intelligence solutions focused solely on protecting clients from cyber-attacks.

Reliance ACSN

Reliance ACSN

Reliance ACSN managed security and consultancy services support organisations throughout the challenges of assurance, awareness, detection, response and prevention.

Outseer

Outseer

Outseer is a leading technology company in the fight against payments fraud. Outseer reliably determines authentic customers from fraudulent behavior.