Cyber Risk: Human Carelessness is Major Cause of Loss

I read an article recently published by Egress Software Technologies in the UK. Working with the Information Commissioner’s Office (ICO) in the United Kingdom, Egress found that 2014 saw a tremendous increase in reported cyber breach incidents triggered by human error. Egress reported that: “only 7% of breaches for the period occurred as a result of technical failings… The remaining 93% were due to human error, poor processes and systems in place, and lack of care when handling data.” These are key findings with regard to Cyber Risk.

Egress’s infographic is pretty interesting:

[Infographic: human error]

That is pretty surprising given the increased attention employers and the media are giving to cyber and privacy risk. Why is this happening? It may be complacent attitudes, poor communication to employees, or the thought that “it’s never going to happen to me”. Whatever the reason, it signals the need for employers to be more vigilant against such lapses. The first step in that vigilance is to establish a Cyber Security & Corporate Privacy Policy: a detailed communication of the risks and issues around Cyber, so that employees understand the emphasis you as a business leader place on digital security. It will cover permissible use of email, the internet and social media, as well as bring your own device (BYOD) policy, passwords, etc.

Once the policy is established, it’s then important to have an ongoing communication strategy to remind employees of their duties and the importance of maintaining strong digital security. As mentioned, carelessness is a huge and avoidable cyber risk, but it needs to be managed.

For a sample copy of a corporate Cyber Security and Privacy Policy, please contact me; I’d be happy to share a sample with you and discuss how we can help secure your business from this increasing and pervasive threat.