IT Leaders Say Employees Not Fully Prepared for Cyberattacks

Research by Egress Shows Human Activated Risks Comprise the Top Three Threats for Organisations

London, UK – 6th April 2022 – Egress, the leading provider of intelligent email security, today announced the results of its Human Activated Risk report, which revealed that over half (56%) of IT leaders say that their non-technical staff are only ‘somewhat’ prepared, or ‘not at all’ prepared, for a security attack. Six hundred IT security leaders across a broad range of industries were anonymously surveyed regarding their organisations’ security posture in this heightened threat environment. Add to this, 77% of respondents have seen an increase in security compromises since going remote 2 years ago, and there’s a continued significant risk to organisations.

Human activated risk is introduced by human behaviours or actions, through coercion by bad actors, human error or malicious intent. Technology can malfunction or not work as it’s supposed to, but in many cases, the fault is with the person operating it. Whether through carelessness, malicious intent, or being tricked by a third party, humans can knowingly and unknowingly create massive amounts of risk that security teams need to manage. The top attacks associated with Human Activated Risk seen by IT Leaders include, in order of rank:

  1. Accidental data loss via human error
  2. Employee spear phishing
  3. Business email compromise

The research results show that the top attacks or risks employees fall victim to are the result of human-activated risks, such as accidental data loss, malicious data exfiltration or falling victim to a phishing attack. The research found that 39% of IT leaders rely on the native protections offered by Microsoft 365 and Google to defend from inbound phishing attacks. What was also revealed is that more than 39% of organisations have 6 or more security solutions in place today, an approach that appears to be bringing more software in to address the problem and hoping it gets better rather than looking at the root cause.

Other significant research findings include:

  • 30% of IT leaders polled either don’t have or don’t know if their organisation has a solution to detect accidental data loss from misdirected emails.
  • 60% of respondents feel the active security solutions they have in place still presents them with a challenge.
  • Almost 30% of those polled (+/- 180 IT leaders) don’t understand what human activated risk is.

“Organisations are facing a formidable threat landscape, and the threat of cyber-attacks looms large”, explains Jack Chapman, VP of Threat Intelligence at Egress, “Against this backdrop, it’s alarming that most IT leaders, those responsible for protecting an organization against these threats, feel that employees aren’t fully prepared to deal with cyber-attacks. Coupled with the finding that human activated risk is the leading driver of security incidents, it’s clear that many organizations are in a vulnerable position, exposed to a wide range of serious cybersecurity threats. Organisations must build up their defences against attackers, provide proper training programs and also take meaningful action to tackle risks that originate from within – beginning with their people. Now is the time for organizations to re-evaluate their security posture and ensure that they are in a strong position to protect themselves and their people.”

Editor

Lisa Baker is the Editor of International Business News. As the Owner of Need to See IT Publishing, Lisa is an experienced business and technology journalist and publisher.

News Recruitment Tech Talent

hackajob launches in the U.S as demand for tech talent soars

Market leading tech recruitment platform hackajob launches in the U.S as tech employment set to reach 8.9 million in 2022[1] U.S launch comes as the rise of remote working sees 67% of tech talent widen their job search beyond their locality Leading UK-based tech recruitment platform hackajob launches today in the U.S. hackajob’s goal to […]

Read More
Data & Analytics News Tech

Why data is key in turning passion into profit for the creator economy

Written by Paul Scholey, VP of International Sales, Sisense In this article, Paul Scholey, a leading expert from Sisense, and Nicolette Roses-Agoro, Disciple’s Head of Community and Brand, discuss how data and analytics are not just shaping but powering the future of the flourishing creator economy. The creator economy is defined as a new community […]

Read More
Cybersecurity News

ThreatQuotient Selected By Comcast To Support Cybersecurity Operations

ThreatQ Platform and ThreatQ Investigations will be used by telecom conglomerate Comcast, parent of NBC Universal and SKY Group, to operationalise security intelligence across cybersecurity use cases London, UK. – May 17, 2022 – ThreatQuotient™, a leading security operations platform innovator, today announced that Comcast (NASDAQ:CMCSA) has selected the ThreatQ Platform and ThreatQ Investigations to […]

Read More