With cybersecurity, the focus often is on technology — specifically, how cyber criminals use it to conduct attacks and the tools that organizations can use to keep their systems and data safe. However, this overlooks the most important element in cybersecurity risk: human error.
Human risk in cybersecurity
Proofpoint’s 2024 Voice of the CISO report found that three in four (74%) chief information security officers (CISOs) said human error was their top cybersecurity risk. This reveals significant growth from last year’s 60% of CISOs expressing this sentiment. The study also found a key gap between CISOs and the boardroom. Board members were less likely (63%) to point to human error than CISOs, which shows that CISOs should focus on educating leadership as well as employees.
Several of the top causes for data loss events in the survey were related directly to employees. The top response (42%) was negligent insider/employee carelessness, such as an employee misusing data. Other reasons included a malicious or criminal insider (36%), stolen employee credentials (33%) and lost or stolen devices (28%).
The IBM 2024 threat index supports this finding,…