Forget ransomware and phishing attacks — CTOs rate human error as their number one security risk

News
By published

No need to break into a network when a human can install your malware for you

Young Colleagues Working on Computers and Talking at a Workplace
(Image credit: Shutterstock)

New research shows that human error is still widely regarded as the main threat to business security, and that's straight from the horse's mouth.

Despite 90% of CTOs deploying multi-factor authentication, and 91% using identity access management technology for company security, over half (59%) said that human error is the biggest threat to their organization.

Article continues below

The research, conducted by STX Next, surveyed over 500 CTOs across the globe and found that while only a quarter (24%) believed that security was the biggest challenge facing their organization, human error was definitely a major concern.

More worryingly however, less than half (49%) of the companies involved in the study said that they had a cyber insurance policy in place, with less than six in ten (59%) implementing a ransomware protection solution within their organization.

The use of in-house security teams is worrying low, with just 36% of companies surveyed having a dedicated department for security services. Speaking on the findings, STX Next CISO, Krysztof Olejniczak said, “Despite deployment of comprehensive technology, poor implementation, substandard support processes or lack of governance can render these efforts useless.

“In recent years, the frequency and severity of cyberattacks across all industries has risen extraordinarily, and employees are often carrying the burden of being an organisation’s first line of defence,” he continued.

“While the threat of ransomware remains high, in many cases, cybercriminals aren’t in fact relying on incredibly advanced and sophisticated methods of attack, but on human error and social engineering techniques to gain access to an organisation’s systems.”

More from TechRadar Pro

TOPICS
Benedict Collins
Benedict Collins
Senior Writer, Security

Benedict is a Senior Security Writer at TechRadar Pro, where he has specialized in covering the intersection of geopolitics, cyber-warfare, and business security.

Benedict provides detailed analysis on state-sponsored threat actors, APT groups, and the protection of critical national infrastructure, with his reporting bridging the gap between technical threat intelligence and B2B security strategy.

Benedict holds an MA (Distinction) in Security, Intelligence, and Diplomacy from the University of Buckingham Centre for Security and Intelligence Studies (BUCSIS), with his specialization providing him with a robust academic framework for deconstructing complex international conflicts and intelligence operations, and the ability to translate intricate security data into actionable insights.