In 2014, IBM reported "human error" as being a contributing factor in over 95% of cyber security incidents, with common mishaps such as clicking on a phishing email or re-using weak passwords playing a starring role.
Fast-forward to 2022, and you'll find businesses of all shapes and sizes have invested more time and money into strengthening their 'human element' of cyber security, in the hopes of reducing user-related security incidents and achieving those ever-more stringent compliance standards.
The golden question is, has this investment paid off?
The evolution of human cyber risk
Well, many businesses have seen a high ROI when it comes to employee security awareness training, but recent studies like Verizon's DBIR 2021 report have shown that human error still contributes to most of today's data breaches (85% of breaches, to be exact).
There are many reasons why employees are still such a huge insider threat to businesses — sometimes the training is unengaging, too sporadic or just simply doesn't cover enough topics, or, even worse, sometimes employees just aren't trained at all.
Then there is the mistake of thinking that security awareness training is the silver bullet for reducing human cyber risk, while neglecting other fundamentals like strong policy processes and practical phishing tests.
To help you understand the ins and outs of why so many businesses still suffer from user-related breaches and, more importantly, how to prevent them, we've launched an updated guide for tackling human cyber risk in 2022.
Start building a security-savvy workforce
Here is a breakdown of what you'll learn in The 2022 Guide to Reducing Human Cyber Risk 👇
- The different types of insider threats in your business
- What makes employees an insider threat
- Top four causes of user-related breaches
- How to establish a security-savvy culture
- How to implement Human Risk Management (HRM)
- Best practices to follow and how to get started