Human error is biggest problem in cybersecurity, Nuix survey finds
Published
Human mistakes poses one of the greatest threats to cybersecurity, according to a new survey.
The technology company Nuix, which has its North American headquarters in Herndon, on Friday released the findings from its third annual survey of corporate information security practitioners. They almost universally agreed that human behavior is their largest security threat.
While businesses were investing to develop cybersecurity capabilities, many survey respondents were uncertain about the most effective technologies and capabilities to focus on.
“Cybersecurity no longer has an air of mystery about it for executives and directors, but human behavior and technological uncertainty remain prominent barriers to corporate confidence,” Ari Kaplan, the report's author, said in a statement.
The research surveyed respondents' current and planned spending. Nearly four in five respondents (79 percent) said they had increased spending on data-breach detection in the past year, and 72 percent said they planned to do so next year.
Nonetheless, a majority of respondents (52 percent) said preventing data breaches was their top spending priority, while 42 percent said detection was their primary focus.
Security executives almost unanimously agreed that human behavior was their greatest vulnerability (97 percent of participants in this year's survey, up from 93 percent last year and 88 percent in 2014).
To counter this threat, businesses are less likely to use fear to convey important security ideas — 24 percent of this year's respondents tried to scare people, compared with 39 percent last year. Instead, security leaders are using policies, awareness, and training to help people become part of the solution.
“Where this breaks down is that a large proportion of people, even after they've had security awareness training, will still put their organizations at risk by opening malicious attachments and visiting suspect websites,” Jim Kent, global head of security and intelligence at Nuix, said in a statement. “While the policies and training are crucial, we need to get better at 'idiot-proofing' our technology so that even if people do the wrong thing, the malware doesn't run or doesn't achieve its goals.”
Related Stories
General Dynamics awarded $118M Army contract
The Reston-based defense contractor will provide IT and cybersecurity support.
Samsung Electronics acquires Chantilly tech firm
TeleWorld Solutions' leadership will stay in place after acquisition.
KeyBank parent company to buy McLean data firm
KeyCorp to acquire AQN Strategies LLC
Trending
Sponsored Stories
Why is my Less Than Truckload (LTL) freight pricing going up and my service level going down?
Beyond Juneteenth – How Capital One is Commemorating and Implementing Change
How We Help Your Business Operate Better
Before the Breach: Get Serious About Cyber Resilience
Professionals are Discovering What it Means to Live Uniquely in the Alleghany Highlands of Virginia
Riverside Logistics Celebrates 25th Anniversary!
Girls for a Change Empowers Black Youth for the Future Workforce
