Insights on Human Error

What You Don't Know About Human Error...

Studies have shown that anywhere from 80% to 95% of cybersecurity breaches result from human error. But what constitutes “human error”? We would be remiss not to state that human error is really the consequence of bad cyber hygiene when looking at the top five common elements driving this statistic. They include, in no particular order:

1. Poor password management

2. Misconfigured devices

3. Lack of security awareness and training

4. Use of outdated and unauthorized software

5. Absence of strict access control capabilities

This behavior is analogous to the death statistics for heart disease: simply eating right and working out drastically changes those figures.

Human error includes human behavior, and if the thought of dying from heart disease doesn’t scare one into changing their behavior, then it’s ridiculous to think that cybersecurity challenges will be any different. This mindset leaves organizations to concede on some cyber threat fronts while implementing compensating controls on others to alleviate this challenge.

Cyber hygiene requires getting back to basics and being diligent about the implementation and continuous management of controls that align directly with, and mitigate, the risk of human error. Most would consider these controls boring and tedious, but they are the foundation of a secure and resilient infrastructure. These basic, or foundational, controls are highlighted in numerous IT compliance mandates and best practice frameworks. Unknown to most is that integrity management functionality makes up, on average, 30% of all compliance and best practice framework controls.

A New Way to Approach Human Error in Your Organization

30% of those detective controls are directly associated with integrity management capability. When deployed and implemented correctly, integrity management controls and processes give organizations the unique ability to detect, in seconds, breaches that result from human error as well as from the actions of bad actors. Those controls consist largely of system hardening, configuration management, change controls, allowlisting, roll-back and remediation, and a few others. Assembling these controls into a predictive workflow will yield the security results that organizations are looking to achieve.

Humans will continue to do senseless and irresponsible activities that negatively impact the security posture of an organization, so leverage integrity management as a compensating control to mitigate this risk.

How CimTrak Can Help

CimTrak Integrity Suite provides the necessary best practice controls to enable organizations to immediately detect when a breach is occurring or has occurred, and provides automated actions to remediate the problem and restore trust and confidence in an organization’s security posture.
