A new report from Living Security and the Cyentia Institute sheds light on the real human element behind cybersecurity threats, and it’s not what most organizations expect.
The Risky Business: Who Protects & Who Puts You at Risk report analyzes data from over 100 organizations and challenges conventional thinking by revealing that a small portion of users, just 10 percent, are responsible for nearly 73 percent of all risky behavior in the enterprise.
“The riskiest users aren’t who and where you think,” the report notes. Surprisingly, remote and part-time workers are often less risky than full-time, in-office employees. Meanwhile, 78 percent of users help reduce cyber risk more than they contribute to it.
Beyond phishing: what human risk really looks like
The study argues that the traditional security focus on phishing is too narrow. Instead, it identifies risk signals tied to identity, access, behavior, and external threats. These include risky behaviors like poor credential hygiene, as well as external events such as being targeted by malware or phishing campaigns.
Interestingly, events beyond a user’s control, such as threat targeting, also shape their risk…
