In an interesting post based on a study by the Verizon Business Risk Team, an interesting correlation is made between insider errors and hacking. Nearly two thirds of all data breach cases investigated had an element of insider error. Similarly, 59% of incidents had a hacker involved. Combined begins to tell a story of how hackers break into networks. Insiders are making it easy for them.
While nearly 4 out of 5 errors are based on “omission” or not doing something they should have, it would seem that these omissions are a leading cause of hacker breaches.
Policies and procedures are great, but not enough. You need to be sure insiders are following them. They need to be enforced where possible. You need to train employees on security best practices and implement solutions where possible to curb misbehavior.
The following are recommended solutions that can help:
Risk Assessment
Social Engineering Engagement
Web Content Filtering
Email Content Filtering
Web Browsing AV
E-Security Training
