Your employees could be your biggest cybersecurity risk

In Greek mythology, the warrior Achilles was believed to be invulnerable except for his heel, which was his one weakness. Similarly, in the world of cybersecurity companies may have robust defences in place; but one vulnerable point or weakness can lead to a devastating breach. One such vulnerability is the insider-threat, which can be caused by human error or malicious intent.

Insider-threats can pose a significant risk to an organisation’s cybersecurity, as they can bypass traditional security measures and access sensitive information. In this article, we will explore the issue of insider-threats in cybersecurity, examining the human error aspect and the steps organisations can take to protect themselves from this ‘Achilles heel’ of cybersecurity.

Human error as a cybersecurity risk

Despite the best intentions of employees, human error can lead to devastating cybersecurity incidents. This includes things like clicking on a phishing email, misconfiguring security settings, or failing to update software. These types of mistakes can leave an organisation vulnerable to cyber-attacks and data breaches.

One of the biggest challenges with human error is that it is difficult to predict and prevent. No matter how well-trained an employee may be, mistakes can still happen. Additionally, employees are often targeted by cybercriminals through social engineering tactics, making it even more difficult to identify and prevent human error.

To address the risk of human error, organisations need to take a multi-faceted approach. This includes implementing technical controls like firewalls and intrusion detection systems, as well as providing regular security training for employees. Organisations should also establish clear policies and procedures to govern how data is accessed and used.

Insider-threats as a cybersecurity risk

Insider-threats are another significant cybersecurity risk that organisations must address. Insider-threats refer to individuals within an organisation who use their access to sensitive information for malicious purposes. This can include stealing data, sabotaging systems or conducting espionage.

Insider-threats can be difficult to detect and prevent because these individuals often have legitimate access to the data or systems they are targetting. Additionally, insider-threats can be difficult to identify because they are often highly trusted employees with no previous history of malicious behaviour.

To address the risk of insider-threats, organisations need to establish a strong security culture that emphasises the importance of data protection. This includes implementing access controls to limit the amount of data employees can access, and monitoring for anomalous behaviour.

Organisations should also conduct regular background checks on employees and limit sensitive data access to only those employees who need it for their job. By implementing these measures, organisations can reduce the risk of an insider-threat and minimise the damage caused by a malicious employee.

Some research and statistical data

  1. According to the 2021 Verizon Data Breach Investigations Report, human error is responsible for 85 percent of successful breaches; with the most common human errors being misdelivery of emails, sending sensitive information to the wrong recipient, and misconfiguration of databases.
  2. In a 2021 survey by IBM Security, 54 percent of respondents reported that their organisation had experienced a data breach caused by a malicious insider – with an average cost of US$2.69million per breach.
  3. According to a 2020 study by Ponemon Institute, the average cost of an insider-caused data breach was US$11.45million – which is more than twice the cost of an external breach.
  4. A 2021 report by Cybersecurity Insiders found that 75 percent of organisations believe that insider threats have become more frequent over the past year.
  5. In a 2021 survey by CSO Online, 48 percent of respondents reported that their organisation had experienced a data breach caused by human error.
  6. The 2021 Cost of Insider Threats Global Report by Accenture found that the average cost of an insider-caused incident was US$4.9million, with 60 percent of incidents being caused by malicious insiders and 40 percent being caused by negligent insiders.
  7. A 2021 report by the International Telecommunication Union (ITU) found that 10.5 percent of Internet users in Africa had experienced a cybersecurity incident in the past year.
  8. In a 2021 survey by Serianu, a Kenyan cybersecurity consulting firm, 66 percent of organisations in Ghana reported that they had experienced a cyber-attack in the past year.
  9. A 2020 report by Serianu found that Ghana experienced 46,167 cyber-threats in 2019, a 5 percent increase from the previous year.
  10. According to a 2020 report by the African Union, insider-threats are a significant risk to cybersecurity in Africa, with 34 percent of cybersecurity incidents being caused by insiders.
  11. In a 2020 survey by Deloitte, 61 percent of African organisations reported that they were not confident in their ability to detect insider threats.

These statistics highlight the significant risk of cybersecurity incidents and insider-threats in Ghana, Africa and across the world. As cybersecurity threats continue to evolve, it is important for organisations to invest in cybersecurity measures – such as implementing access controls and conducting regular security training for employees to reduce the risk of an incident. Additionally, collaboration and information-sharing among African countries and organisations can help to address the shared challenges of cybersecurity in the region.

Conclusion

While external cyber-attacks are a significant risk to organisations, the risk of human error and insider-threats cannot be overlooked. Organisations must take a multi-faceted approach to address these risks: including implementing technical controls, providing regular security training and establishing clear policies and procedures. By taking these steps, organisations can reduce the risk of a cybersecurity incident caused by human error or an insider-threat and thus protect their sensitive data and networks.