In the ever-evolving digital landscape of today, the specter of cyberattacks continues to loom large over organizations worldwide, with threats becoming increasingly sophisticated and complex. Recent research conducted by STX Next, a prominent global leader in IT consulting, has shed light on a critical cybersecurity issue faced by organizations – human error.
According to a survey of 500 Chief Technology Officers (CTOs) on a global scale, human error has emerged as the primary cybersecurity threat encountered by organizations, surpassing the perceived risks posed by ransomware and phishing attacks. A staggering six in ten CTOs identified human error as the most significant cybersecurity risk within their respective organizations. This broad category of human error encompasses a range of actions, including inadvertently downloading malware-infected attachments and neglecting to use secure passwords.
In response to the alarming prevalence of human error as a cybersecurity risk, CTOs are actively implementing various strategies and solutions to bolster their teams and fortify their organizations against potential threats. One prevalent tactic highlighted in the survey is the adoption of multi-factor authentication (MFA), with a notable 94% of companies surveyed having deployed MFA in their cybersecurity protocols. Additionally, 91% of organizations are utilizing identity access management technology (IAM), 58% are leveraging security information and event management (SIEM) technology, and 86% have implemented single sign-on (SSO) solutions.
Despite the proactive measures being taken by organizations, the survey also revealed areas of vulnerabilities and challenges. A significant quarter of CTOs cited security as their primary organizational challenge, with only 49% of companies reporting having a cyber insurance policy in place. Furthermore, while 59% of businesses have implemented ransomware protection solutions, dedicated in-house security teams remain a minority, with just 36% of companies having a dedicated security team or department.
Krzysztof Olejniczak, Chief Information Security Officer (CISO) at STX Next, emphasized the critical role of employee awareness and preparedness in mitigating cyber risks. Olejniczak highlighted the importance of educating employees on identifying and responding to threats, as well as regularly assessing their resilience through simulated attacks and training exercises. He also advocated for the adoption of solutions such as MFA, IAM, and SSO as standard practices to enhance defenses against human error.
Furthermore, Olejniczak addressed the discrepancy in cybersecurity resources among organizations, particularly smaller firms with limited resources. To bridge this gap, he recommended leveraging specialized cybersecurity solutions or providers, including virtual Chief Information Security Officer (vCISO) services.
In conclusion, as cyber threats persist in their evolution and sophistication, organizations must prioritize cybersecurity preparedness and resilience. Whether through internal initiatives or outsourced solutions, CTOs and CISOs play a pivotal role in supporting their teams and strengthening defenses against the growing threat of cyberattacks.
By addressing the human factor in cybersecurity and implementing comprehensive security measures, organizations can better protect themselves and their stakeholders from potential harm. As the cybersecurity landscape continues to evolve, vigilance and proactive measures remain essential in safeguarding against the ever-present threat of cyberattacks.