In a comprehensive study conducted by Kaspersky, the cyber security landscape reveals a surprising statistic: 26% of cyber incidents in businesses over the past two years resulted from intentional security protocol violations by employees. This percentage closely rivals the 20% attributed to external hacking attempts, challenging prevailing beliefs that human error is the primary cause of cyber security incidents.

 

The research, seeking insights from IT security professionals in SMEs and enterprises globally, aimed to unravel the diverse impact of various individuals on a company’s cyber security posture. Contrary to assumptions, intentional policy violations by employees, spanning both IT and non-IT staff, played a significant role in cyber incidents. IT security officers, other IT professionals, and non-IT colleagues were identified as sources of breaches, contributing to 13%, 12%, and 4% of incidents, respectively.

 

 

Delving into individual employee behavior, the study revealed that 22% of incidents resulted from the deliberate use of weak passwords or failing to change them promptly. Additionally, 18% were linked to staff visiting unsecured websites, while 25% occurred due to neglecting system software or application updates.

 

Google chrome bolsters security with crucial updates addressing zero-day exploits

 

Significantly, unsolicited services or devices were identified as contributors to intentional policy violations, with 14% of companies experiencing incidents due to unauthorized systems for data sharing. Notably concerning was the finding that 20% of malicious actions were committed by employees for personal gain, with the financial services sector reporting 34% of such incidents.

 

This study sheds light on the intricate dynamics of cyber security incidents, urging companies to go beyond traditional beliefs and adopt a proactive approach. By understanding the intentional protocol violations by employees, businesses can develop robust security policies, enhance employee awareness, and foster a cyber security culture that fortifies their defenses against evolving threats.

 

Quick link: How should Government owned removable media be stored?

 

To assist in this endeavor, consider integrating the CyberArrow into your cyber security strategy. This cutting-edge solution is designed to keep your business compliant, prevent employee policy violations, and fortify your defenses against cyber threats. Stay ahead in the ever-changing landscape of cyber security, empower your organization with CyberArrow. 

 

Read how how CyberArrow increased security awareness among Silal’s employees efficiently.

 

See what Silal have to say about CyberArrow: