At The Identity Organisation, we're here to help!

    Or drop us a mail!

    Your privacy is important to us, and we want to communicate with you in a way which has your consent and which is in line with UK Law on data protection. As a result of a change in UK law on 25th May 2018, by providing us with your personal details you consent to us processing your data in line with current GDPR requirements.

    Here is where you can review our Privacy & GDPR Statement

    To remove consent at any time, please e-mail info@tidorg.com with the word "unsubscribe" as the subject.

    +44 (0) 1628 308038 info@tidorg.com

    “Human Error” Ranked as the Top Cybersecurity Threat While Budgets Remain Misaligned

    “Human Error” Ranked as the Top Cybersecurity Threat While Budgets Remain Misaligned

    New insights into the state of data security show a clear focus on the weakest part of your security stance – your users – and organizations doing little to address it.

    It’s frustrating when the answer is right there in front of the face of organizations today and you have to watch them scramble around the problem without really addressing it. This is exactly what I see in the data found in Thales’ 2022 Data Threat Report.

    Within the report, we find data points of brilliance around awareness of the problem of users:

    • Human Error is seen as the highest threat to organizational security, with 38% of organizations ranking it as the top threat. For reference, Nation States was only a top concern for 28% of organizations.
    • 29% of organizations ranked ‘accidental human error’ as the top threat (and , again, for reference, only 17% ranked external attackers with financial motivation as a top threat)
    • 79% of organizations are concerned about the security risks with an increasingly remote workforce

    It’s evident that users play a role in making an organization insecure, right? So, we’d expect to see lots of spending on ways to secure the user. But according to the report, organizations are prioritizing network security (e.g., Intrusion Prevention Solutions, gateways, firewalls), key management, cloud security, and zero trust solutions.

    It seems like the focus is way too much on trying to prevent data from leaving, instead of stopping attackers from ever getting in. With the data showing organizations are very aware of the factor users play in cyberattacks, I would expect to see more focus on Security Awareness Training to reduce the threat surface of phishing – a primary attack vector in nearly every kind of cyber attack. This kind of training helps to establish good cyber hygiene, a sense of vigilance, and has been shown to reduce the risk of users falling for social engineering tactics employed within phishing attacks.

    Get Your Customized Automated Security Awareness Program, ASAP!

    Many IT pros don’t exactly know where to start when it comes to creating a security awareness program that will work for their organization.

    We’ve taken away all the guesswork with our Automated Security Awareness Program (ASAP).

    ASAP is a revolutionary tool for IT professionals, which allows you to create a customized Security Awareness Program for your organization that will show you all the steps needed to create a fully mature training program in just a few minutes!

    asap-monitor-1

    Here’s how it works:

    • Answer seven questions about your organization’s goals, compliance needs, and culture
    • ASAP recommends suggested training content based on your answers
    • See a detailed calendar with a customized task lisk to get your program started
    • Easily export detailed and executive summary PDF versions of your program
    • Get a fully mature awareness program ready in 5 minutes
    Get Started Now!

    PS: Don’t like to click on redirected buttons? Cut & Paste this link in your browser: https://info.knowbe4.com/asap-partner?partnerid=001a000001lWEoJAAW

    Sign Up to the TIO Intel Alerts!

    Back To Top