A recently published report from IBM Security Services claims that 95% of security incidents include a human error element. What are some of the main vectors that are putting companies at risk?

  • Misconfigured systems

  • Untimely management of patches

  • Weak login and password combinations, such as defaults

  • Lost mobile devices like laptops or smartphones

 

Incidents of Human Error

Accidents can occur in even well-secured environments. A slip-up happens to us all from time to time. Additionally, it takes persistent effort to overcome a lack of understanding at each level. Sometimes secure configurations and strong policies are not enough to prevent every possible incident. That is when a change detection mechanism becomes incredibly valuable for IT staffers who are monitoring the state of an environment.

 

Here are a few examples of issues that can befall organizations:

  • Bob, the network admin, accidentally opens a firewall port that allows outside access to the cardholder data environment (CDE). We’ve all made typos while texting or typing; for some people it occurs so often they don’t even notice. Unfortunately, Bob just compromised the whole cardholder database without even knowing it, and that is a critical oversight.

  • An IT staffer falls prey to a social engineering scam, allowing a hacker to obtain the staffer’s Active Directory credentials. This in turn gives the hacker access to a system that stores customer data, including Social Security numbers.

  • An outside vendor with access to a company’s network has lax IT security policies. The outside vendor’s network is hacked, which then allows the hacker to access the company’s network. An excellent example is the Target breach, in which a hacker gained access to Target’s network by compromising the network of a heating, ventilation & air conditioning (HVAC) contractor. No matter how strong a company’s security precautions may be, they won’t protect it when another entity it trusts doesn’t maintain adequate standards.

 

Mitigating Human Error

Here are some suggestions:

  • Put in place a change detection mechanism that alerts IT staff when critical network device configurations are changed.

  • Teach employees how to recognize social engineering. Give them examples and case studies.

  • Scrutinize your agreements with outside vendors to ensure they require those vendors to employ strong IT security. Insist on seeing regular audits of their IT infrastructure to ensure that appropriate safeguards are in place.
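A minimal sketch of the change detection suggested in the first item, applied to the firewall slip described earlier: it hashes a rule file against an approved baseline and flags added rules that accept traffic from outside the internal range into the CDE. This is an added example, not CimTrak or Cimcor code; the subnets, rule lines and function names are constructed assumptions.

```python
import hashlib
import ipaddress

# Assumed addressing for this example: the CDE subnet and the internal range.
CDE = ipaddress.ip_network("10.20.30.0/24")
INTERNAL = ipaddress.ip_network("10.0.0.0/8")

# Constructed sample rule sets (iptables-save style lines).
BASELINE = "\n".join([
    "-A FORWARD -s 10.10.0.0/16 -d 10.20.30.0/24 -p tcp --dport 443 -j ACCEPT",
    "-A FORWARD -d 10.20.30.0/24 -j DROP",
])
OPEN_RULE = "-A FORWARD -d 10.20.30.15/32 -p tcp --dport 1433 -j ACCEPT"
ADMIN_RULE = "-A FORWARD -s 10.10.7.0/24 -d 10.20.30.0/24 -p tcp --dport 22 -j ACCEPT"
CURRENT = "\n".join([OPEN_RULE, ADMIN_RULE, BASELINE])

def digest(text):
    """SHA-256 of the rule file; any edit, including reordering, changes it."""
    return hashlib.sha256(text.encode()).hexdigest()

def parse_rule(line):
    """Map each option flag in a rule line to the value that follows it."""
    tokens = line.split()
    return {tokens[i]: tokens[i + 1]
            for i in range(len(tokens) - 1) if tokens[i].startswith("-")}

def exposes_cde(line):
    """True if the rule ACCEPTs traffic into the CDE from a non-internal source."""
    opts = parse_rule(line)
    if opts.get("-j") != "ACCEPT":
        return False
    # A rule with no -s or -d matches any address.
    src = ipaddress.ip_network(opts.get("-s", "0.0.0.0/0"), strict=False)
    dst = ipaddress.ip_network(opts.get("-d", "0.0.0.0/0"), strict=False)
    return dst.overlaps(CDE) and not src.subnet_of(INTERNAL)

def detect_changes(baseline, current):
    """Return None if unchanged, else added/removed rules and the critical ones."""
    if digest(baseline) == digest(current):
        return None
    old, new = baseline.splitlines(), current.splitlines()
    added = [r for r in new if r not in old]
    removed = [r for r in old if r not in new]
    return {"added": added, "removed": removed,
            "critical": [r for r in added if exposes_cde(r)]}

if __name__ == "__main__":
    print(detect_changes(BASELINE, CURRENT))
```

The digest comparison catches every change; the rule-level pass decides which changes warrant an immediate alert rather than routine review.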

Obviously, every enterprise has different needs. Consider what goals your IT department must pursue to improve the organization’s overall cybersecurity posture.

 

The CimTrak file integrity monitoring suite can help companies detect human error before it creates significant issues. Its built-in change detection and alerting mechanisms will let your IT staff or Chief Information Security Officer know when critical network settings or files have been changed.


Post by Jacqueline von Ogden
July 9, 2014
Since 1999, Jacqueline has written for corporate communications, MarCom agencies, higher education, and worked within the pharmacy, steel and retail industries. Since joining the tech industry, she has found her "home".
