3 Types of Human Risk That Cause Network Security Threats & How to Prevent It
Jul 18, 2019
Sources of Human Risk and Insider Threats in Cybersecurity
Insider threats can be unintentional or they can be malicious. All humans make mistakes, but it is the consequences that organizations are faced with when that mistake leads to a security incident. The weakest link when implementing a cybersecurity program in your organization are your employees. Recent research has stated that human error is cited in 95% of all security incidents, and that hackers have focused their attention on humans as opposed to machines to breach an organization. An example of this is the increase in social engineering and phishing attacks that have occurred within the last year to manipulate employees into releasing credentials and personal information.
With the increase in cybercrime targeting organizations through their employees, how can you safeguard your company’s information to avoid becoming a victim? We will review the three main types of human error that play a role in creating network security threats and provide key takeaways for instilling a culture of information security at your organization.
Misuse of company resources happens frequently. Employees will use their company devices for personal use, such as checking online bank accounts, personal email addresses, or even conducting cryptocurrency mining (yes, we have seen this before). With these activities happening so often, it leaves the company vulnerable to a cyber-attack through malware or exploitation of credentials.
Additionally, there has been an increase in data misuse where an employee has authorization to access sensitive company information within their systems. An example of this is the “Uber God View” incident that occurred in 2015, where an employee violated the company’s policy by using its God View tool to track a journalist who was late for an interview with an Uber executive. The God View tool allows Uber to track both Uber vehicles and customers for business purposes solely.
Takeaway: It is important for organizations to have a clear policy in place to prevent users from using company resources for personal use and to prevent data misuse for personal intent. Moreover, implementing real-time network monitoring will provide greater visibility into how your employees are using the data as stated in the company’s policy so you can stop it before it escalates into a bigger issue.
As stated above, mistakes happen all the time, but more often than not they occur because of carelessness, everyday bad habits, and/or sheer ignorance because they weren’t trained properly on information security at an organization. Examples of mistakes that can result into a data breach include:
- Clicking on unknown emails or downloading unknown files
- Filling out a form with personal information without confirming the legitimacy of the company or website
- Not disposing properly of sensitive documents
- Sending emails with sensitive information unencrypted
The list can go on, but these are mistakes that happen all the time without much thought into the risks involved with these actions, that can leave an organization vulnerable and exposed to a potential data breach.
Takeaway: With this being one of the most common cybersecurity and computer threats an organization can face, preventing this should be a top priority! The main way to prevent this from happening in your business is by fostering a culture of information security and educating employees on ways they can unintentionally cause a security breach. By doing so, you will build a resilient network environment, minimizing the cyber risks correlated with human errors. Your organization should have processes in place to report suspicious emails and attacks, and provide training with security awareness and best practices for safeguarding sensitive information.
When human error does not result from either misuse or mistake, it’s considered a malicious insider threat or attack. Insider threat to cybersecurity could include the following:
- Theft of confidential or valuable information
- Theft of intellectual property
- Sabotage of the organization’s networks and computer systems
According to the Insider Threat 2018 Report, 90% of organizations feel vulnerable to insider threats. CEO and Founder of Cybersecurity Insiders, Holger Schulze, stated, “Insider threats are often more damaging than attacks from malicious outsiders or malware. That’s because they are launched by trusted insiders – both malicious insiders and negligent insiders with privileged access to sensitive data and applications.”
Takeaway: It’s imperative that organizations take time to assess their employees and analyze factors, such as characteristics, abnormal behaviors, and patterns of suspicious activity. The National Cybersecurity and Communications Integration Center released a guide called, Combating the Insider Threat, which can assist organizations in detecting deviations in behavioral norms to detect and prevent insider threats from occurring.
Another way to mitigate this type of threat would be to implement a thorough vetting process when interviewing potential applicants or creating a hierarchical system in the workplace. Just as in the military, certain levels of access could be granted once certain conditions are met (job title or position, level of trust, etc.). This is something worth considering especially for positions that will grant access to highly sensitive and important organization files and records.
Need Help Removing Network Security Threats?
Secuvant offers 24/7 Managed Detection and Response Services in which we have the resources and expertise to help your organization detect and prevent cyber security threats caused by human error. Contact us at (855) 732-8826 or email@example.com to have a security professional answer your questions today!