Cybersecurity Strategy: Employee negligence or malicious acts account for 66 percent of cyber breaches
While many organizations continue to focus on the
technology aspect of cyber defense, which is crucial, they often do so at the
expense of people risks, which represent the largest source of data breach
claims.
New claims data analysis from global brokerage firm
Willis Towers Watson shows that employee negligence or malicious acts account
for two-thirds (66 percent) of cyber breaches. By contrast, only 18
percent are directly driven by an external threat, and cyber extortion
accounted for just 2 percent.
Willis Towers Watson said its data further show that
approximately 90 percent of all cyber claims are the result of some type of
human error or behavior.
The company is urging businesses to focus more on employees
and company culture in efforts to manage cyber risk.
The firm has launched a Cyber Risk Culture Survey
solution, a cyber risk employee survey that it says connects human capital
and workplace culture to employer cyber risk vulnerability by tracking the
extent of risk inherent in employees’ behaviors and identifying ways to
mitigate this factor and build a “cyber smart” workforce.
“Evidence suggests that many businesses are taking an
overly technocratic approach to cyber risk and are in danger of missing the
bigger picture,” said Anthony Dagostino, head of global Cyber Risk, Willis
Towers Watson. “While technology has an important role to play, it really needs
to be linked with an understanding of the human element. The simple truth is
that a data compromise is more likely to come from an employee leaving a laptop
on the train than from a malicious criminal hack. We believe employees and
companies with a strong culture and cyber aware workforce are the first line of
defense against cyber risk.”
The Cyber Risk Culture Survey results provide a picture
of an organization’s internal risk culture, with a particular focus on where it
might be most vulnerable to employee-driven cyber incidents. These results
allow senior leadership to take decisive action to create solutions, including
cultural changes, and talent and reward interventions, to mitigate cyber risk,
according to the consulting firm.
“When we talk to clients about cyber risk, they tell us
bridging their operational silos is one of the biggest hurdles within their
organizations,” said Patrick Kulesa, director, Employee Survey Research, Willis
Towers Watson. “Our offering is relevant to many audiences within the
organization — not only corporate risk managers, data security teams and human
resource professionals, but the entire executive suite — all of whom are
crucial links in the chain of cyber risk management and mitigation.”