The Emergence of the Human Firewall

When the causes of cybercrime incidents are investigated, the same underlying reason crops up time and time again … Human Error.

Over the years, levels of IT security and threat detection have advanced, and cyber criminals have realised that the weakest point in any defence system is the human element … the zone of emotion where personalities and individual frailties can be exploited.

A wide-reaching global survey by IBM into the causes of corporate cyber violations in over 130 countries found that human error was a major contributing factor in 95% of all breaches, and similar studies have come to the same conclusions. The stark reality shows that if the human error had not occurred, 19 out of 20 incidents would have been avoided.

In our complex and busy business lives, unintentional actions, and failures to follow instructions are at the heart of most security incidents, and everyone makes mistakes at one time or another, it’s part of the human psyche.

The most common human errors and causes of breaches include the failure to install software security updates, poor password discipline, and carelessly falling victim to email and message phishing attacks by clicking on malicious attachments, or taking some form of prompted action.

Attacks that prompt employees to unwittingly click on a link, or make online payments to an organisation after receiving spoofed instructions, cannot be protected by technology.

Workplace advancements and the growth in hybrid working practices mean that we have an increasingly complex working environment. Multiple business applications that are accessed anywhere and from any device all require usernames and passwords. The desire to take operational shortcuts and to simplify and replicate behaviours is a human instinct that’s underpinned by the notion that it will never happen to me.

Cybercriminals understand the pressures of modern life, and they use social engineering techniques to pressure and influence us to take action. Even though the news, current affairs programmes and social media constantly make us aware of new scams and techniques, the number of incidents grows daily.

As human error is so closely associated with the majority of cyber breaches, mitigation of such risks to minimise the likelihood of an incident should be a key focus area, and building employee awareness and training into a unified security and business continuity service provides far greater protection than any single technical solution.

Additionally, addressing the human issue has the added advantage of empowering the workforce to pro-actively identify and report potential threats and anomalies as they occur. And with such compelling evidence that employee mistakes are so prevalent in successful cyber-attacks, upskilling the workforce should be an integral part of a wider security focus.

Our cyber security and protection services provide a laser-beam focus on current and developing threats, and we partner with Mimecast, Trustwave and Cisco to provide world leading security services. When considering education, we have a broad range of education services available from web based content to continuous development, CxO to the general workforce, and core skills to regulatory and compliance education services.

Our unique, tried and tested methodology focuses on the main areas of human vulnerability and shows the workforce why they should care. Employee adoption rates are high and on-going learning creates lasting and meaningful behavioural changes across organisations.

Taking just a few minutes of employee time each month, will make significant improvements to employee awareness and preparedness - radically changing behaviours and lowering the risk of an attack.

Related articles

Mike Q Article banner v2

Co-Managed IT: Why partnering with an IT service provider makes perfect sense

Our Professional Services Consultant Michael Quittenden shares why co-managing your IT services could be the perfect solution for you and your business.

358X420 People on mobile 1

Best Practice Technology Guide for small, medium and start-up businesses

A best practise guide to the core technology areas that small, medium and start up businesses should consider.

Gary Shilling 1

6 ways to safeguard your data

A loss of data could prove catastrophic for many reasons, not least financial loss, damage to brand reputation and legal consequences. So how can you safeguard your most precious assets? Our Account Director, Gary Shilling, shares 6 ways to safeguard your data.

Contact us to find out how we can help you
and your business today

Contact us

Further Insights

Chertesey house main image v2

Getting to the root of good connectivity with Chertsey House

With Sure Business's expert help, Chertsey House can concentrate on delivering first-class healthcare with efficiency, confident in the knowledge that their IT is taken care of. Read more to learn how we supported Chertsey with their technology needs.

Mike Q Article banner v2

Co-Managed IT: Why partnering with an IT service provider makes perfect sense

Our Professional Services Consultant Michael Quittenden shares why co-managing your IT services could be the perfect solution for you and your business.

Callum final v3

The people behind the technology: Callum Gill

We spoke to Callum our Professional Services Consultant about his career so far, the experiences he’s had, and how he keeps up with the ever-evolving world of technology.