Employees Are Still The Cause Of Most Cyber Breaches

 

 

It is commonly seen that when it comes to transferring and storing of data, dealing with user credentials, backup of files, employees prioritise personal convenience over security protocols.

 

 

• Insider malice.

• Poor Password Practices

• Weak Access Policies

• Phishing and Social Engineering

• Loss of endpoints

• Malware

 

 

It has been reported many times in the past that many data breaches were result of information sent by email to the incorrect recipient.

 An employee at an HIV clinic in London accidentally entered the email addresses of patients in the ‘To’ field in place of ‘Bcc’ field and the organisation was fined £180,000 for the breach of privacy of the patients.

 2.      Sending Unnecessary attachments or information over email

 There are multiple incidents reported where more than the required information sent over email by employee had led to data breach:

According to the Winnipeg Free Press, an employee of the city of Calgary, Alberta, accidentally leaked the personally identifiable information (PII) of more than three thousands employees in June 2016,. The extra information was perhaps provided while seeking technical assistance.

 3.      Using Company resources for personal use

Many employees use office laptops and mobile devices for their personal use which may lead to data breach.

 4.      Insecure Downloads 

 Each of employees is in charge of their own endpoints, and what they download could be a cyber threat to your whole organisation. It is seen that employee many times are not able to differentiate a Trojan-laden file or a risky click to the link sent by an email spammer.

 

 

1.      Cyber Security Training

2.      Cyber Risk Culture

3.      Awareness

4.      Cyber ethics and Cyber Behaviors

 

 

Ratan Jyoti is Chief Information Security Officer (CISO) at Ujjivan Small Finance Bank:

 

Ratan Jyoti On Twitter:

 

 

Bank Data Breaches Are Up And It's An Inside Job: