Forget ransomware and phishing attacks — CTOs rate human error as their number one security risk
No need to break into a network when a human can install your malware for you
New research shows that human error is still widely regarded as the main threat to business security, and that's straight from the horse's mouth.
Despite 90% of CTOs deploying multi-factor authentication, and 91% using identity access management technology for company security, over half (59%) said that human error is the biggest threat to their organization.
Humans were ranked above both ransomware attacks (48%) and phishing attacks (40%).
Humans are the weakest link
The research, conducted by STX Next, surveyed over 500 CTOs across the globe and found that while only a quarter (24%) believed that security was the biggest challenge facing their organization, human error was definitely a major concern.
More worryingly however, less than half (49%) of the companies involved in the study said that they had a cyber insurance policy in place, with less than six in ten (59%) implementing a ransomware protection solution within their organization.
The use of in-house security teams is worrying low, with just 36% of companies surveyed having a dedicated department for security services. Speaking on the findings, STX Next CISO, Krysztof Olejniczak said, “Despite deployment of comprehensive technology, poor implementation, substandard support processes or lack of governance can render these efforts useless.
“In recent years, the frequency and severity of cyberattacks across all industries has risen extraordinarily, and employees are often carrying the burden of being an organisation’s first line of defence,” he continued.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
“While the threat of ransomware remains high, in many cases, cybercriminals aren’t in fact relying on incredibly advanced and sophisticated methods of attack, but on human error and social engineering techniques to gain access to an organisation’s systems.”
More from TechRadar Pro
Benedict has been writing about security issues for over 7 years, first focusing on geopolitics and international relations while at the University of Buckingham. During this time he studied BA Politics with Journalism, for which he received a second-class honours (upper division), then continuing his studies at a postgraduate level, achieving a distinction in MA Security, Intelligence and Diplomacy. Upon joining TechRadar Pro as a Staff Writer, Benedict transitioned his focus towards cybersecurity, exploring state-sponsored threat actors, malware, social engineering, and national security. Benedict is also an expert on B2B security products, including firewalls, antivirus, endpoint security, and password management.