90% Of Breaches Are Caused By Human Error

Uploaded on 2020-03-10 in TECHNOLOGY--Resilience, NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

Human error caused 90% of cyber data breaches in 2019, according to  analysis of data from the UK Information Commissioner’s Office (ICO) carried out by CybSafe. According to their analysis, nine out of 10 of the 2376 cyber-breaches reported to the ICO last year were caused by mistakes made by end-users.

This is a significant increase from the previous two years, when 61% and 87% of cyber-breaches were ascribed to user error in 2017 and 2018 respectively.

CybSafe cited phishing as the primary cause of breaches in 2019, accounting for 45% of all reports to the ICO. ‘Unauthorised Access’ was the next most common cause of cyber-breaches in 2019, with reports relating to malware or ransomware, hardware/software misconfiguration and brute force password attacks also noted.... As this analysis shows, it’s almost always human error that enables attackers to access encrypted channels and sensitive information" siad Oz Alashe, CEO of CybSafe.

Security Incidents In Public Cloud Infrastructure

The cloud has enabled businesses to improve the agility of their IT infrastructure and the reliability of their services as well as increase their ability to deliver new products and services faster. As many organisations are digitising their operations, the popularity of the cloud has risen rapidly amongst both enterprises and small to medium-sized businesses (SMEs).

A recent report from Kaspersky Lab has revealed that security incidents in public cloud infrastructure are more likely to occur as a result of a customer's employees rather than by actions carried out by cloud providers.

According to Kaspersky's research, over a third of both SMB and enterprise companies are concerned about incidents affecting IT infrastructure hosted by a third party which could make the benefits of cloud redundant and carry commercial and reputational risks.

CybSafe:         Kaspersky:       Infosecurity Magazine:       CTOVision:      TechRadar:      

You Might Also Read:

Creating A Cyber Incident Response Policy:




 

« Russia Denies That It Attacked Georgia
Cyber Security Warnings For US 2020 Election »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

CERT-PY

CERT-PY

CERT-PY is the national Computer Emergency Response Team for Paraguay.

Shape Security

Shape Security

Shape Security provide best-in-class defense against malicious automated cyberattacks on web and mobile applications.

Sweepatic

Sweepatic

The Sweepatic reconnaissance platform discovers and analyses all internet facing assets and their exposure to risk.

VS Security Products

VS Security Products

VS Security Products design, manufacture and sell the most extensive range of degaussers and data destroyers on the market, suitable for all types of magnetic media.

Elemental Cyber Security

Elemental Cyber Security

Elemental is a game changing cyber security compliance automation and enforcement technology provider.

Voxility

Voxility

Voxility provides Infrastructure-as-a-Service in the biggest Internet hubs in the world.

Red River

Red River

Red River is a technology transformation company, bringing 25 years of experience and mission-critical expertise in analytics, cloud, collaboration, mobility, networking and security solutions.

Aware

Aware

Aware is the only comprehensive AI solution for governance, risk, compliance and insights for leading collaboration platforms.

ProCheckUp

ProCheckUp

ProCheckUp is a London-based independent provider of cyber security services, including IT Security, Assurance, Compliance and Incident Response.

Hayes Connor Solicitors

Hayes Connor Solicitors

Hayes Connor Solicitors is a specialist data breach and cybercrime law firm. We act for clients on individual data breaches and also where a group has been compromised as part of a targeted attack.

McDonald Hopkins

McDonald Hopkins

McDonald Hopkins is a business advisory and advocacy law firm. We focus on insightful legal solutions that help our clients strategically plan for an increasingly competitive future.

NetCentrics

NetCentrics

NetCentrics leverages an innovative, agile, ‘what’s-next’ approach to our customers’ IT and cyber challenges.

Quantum Security Services

Quantum Security Services

Quantum Security Services is a specialist information security firm providing a range of risk, compliance and technical security services.

Stratascale

Stratascale

Stratascale is a consultant, systems integrator, and technology advisor with expertise in Automation, Cloud Ascension, Cybersecurity, Data Intelligence, and Digital Experience solutions.

DYOPATH

DYOPATH

At DYOPATH we work with the single purpose of helping our clients combat the ongoing increase of cyber threats, the growth in more complex IT environments, and ever-increasing human capital shortages.

Whalebone

Whalebone

Whalebone develop user-centric, no-installation network security products for telcos, internet service providers, enterprises, public institutions, and governments.