Human behavior as the biggest cybersecurity risk

Risk and Human Behavior

The actions of employees can be one of the greatest cybersecurity risks facing an organization, according to Adenike Cosgrove from Proofpoint.

Cosgrove points out that cybercriminals, like most people, will take the path of least resistance when carrying out an attack. In most cases, this means tricking a human into letting them into an organization’s network, rather than going through the difficult process of hacking their own way in.

The Human Vulnerability

“Many organizations’ security and compliance tools focus on safeguarding the perimeter, helping to manage endpoints and patch system vulnerabilities,” she says. “But they struggle to protect against the human vulnerability. To stop today’s advanced attacks, businesses need to focus on protecting end users by adopting a people-centric cybersecurity strategy. These strategies are a realistic approach to cybersecurity, using technology and training to protect the people in organizations, not just the technology they use.”

Cosgrove adds: “Combining software-based security with employee education and vigilance holistically across the business is essential to minimizing human risks.”

Technical defenses won’t make a difference if attackers can achieve their goals by exploiting employees. New-school security awareness training can help organizations build a culture of security to mitigate human-based vulnerabilities.

TL;DR

• Take a people-centric approach to cybersecurity — combine technical, process, and people-based controls to minimize human risk.
• Cybercriminals exploit human vulnerabilities, making employee actions one of the greatest risks if left unchecked.
• A lack of cybersecurity education and vigilance creates a risky cyber environment for organizations.

More Information

Help Net Security – Human behavior: the greatest cybersecurity risk to your business?