Milan, 4 July 2024 – Cefriel, a digital innovation center affiliated with Politecnico di Milano, recently launched a new white paper titled “Cyber Security and the Human Element – Risks and mitigation interventions, starting from people”. The paper, authored by Enrico Frumento, the Cybersecurity Research Lead at Cefriel, delves into the intricate connections between the human element and cybersecurity to devise a novel approach towards risk mitigation.
The white paper was presented in the context of the European projects CYRUS and SEC-AIRSPACE, aimed at enhancing cybersecurity measures in various sectors. It sheds light on the imperative need for individuals to recognize their pivotal role in safeguarding corporate assets and outlines strategies to actively engage them in thwarting cyber threats.
One of the notable observations highlighted in the white paper is the prevalence of cyber-attacks across different sectors, with the Public Administration sector bearing the brunt of 19% of attacks in Italy and 23% in Europe. Moreover, the industry sector experienced a considerable uptick in attacks, accounting for 17% of the total, surpassing the European average of 7%. The report underscores the crucial importance of investing in training and allocating resources towards bolstering IT security capabilities to mitigate vulnerabilities effectively.
The emphasis on the human element in cybersecurity strategies is underscored by the fact that human behavior contributes to nearly 95% of cybersecurity risks, as per the World Economic Forum’s Global Risk Report. Enrico Frumento emphasizes the significance of approaching cybersecurity from a human-centric perspective, advocating for tailored solutions that address the unique vulnerabilities associated with individuals. By rethinking security protocols starting from the human element, organizations can foster a culture of cyber resilience and empower employees to proactively combat threats.
The white paper advocates for a comprehensive approach that integrates cultural, behavioral, and technological paradigms to instigate enduring behavioral changes among individuals. By incorporating elements of human sciences, social engineering, and people analytics, organizations can cultivate a proactive defense mechanism that adapts to evolving cyber threats seamlessly.
A key recommendation proposed in the white paper is the adoption of a Human Risk Management model to establish continuous security mechanisms centered around individuals. Transforming training programs into tools for reducing cyber risks can enhance organizational resilience and fortify defenses against potential cyber-attacks.
The white paper can be accessed for free on Cefriel’s website, providing valuable insights and practical guidance on how to involve people in risk mitigation strategies in the realm of cybersecurity. By leveraging innovative frameworks and cutting-edge technologies, organizations can foster a climate of cybersecurity awareness and best practices to safeguard their digital assets effectively.
In conclusion, Cefriel’s pioneering efforts in the field of digital innovation underscore the critical role of human-centric cybersecurity strategies in fortifying businesses against cyber threats. By championing a holistic approach that integrates technology, human behavior, and governance, organizations can navigate the complex cybersecurity landscape with resilience and agility. Enrico Frumento’s expertise in cybersecurity research and unwavering dedication to advancing cybersecurity best practices position Cefriel as a trailblazer in shaping the future of cybersecurity.