Skip to main content

Almost half of employees have made mistakes that led to a cybersecurity incident

(Image credit: Image source: Shutterstock/Maksim Kabakou)

Employee error is still the number one source of cybersecurity incidents, according to a new report from Tessian.

Polling 2,000 employees in the UK and US, the firm found that stress and distraction are the main reasons employees make mistakes that lead to security breaches.

Almost half (43 percent) of the respondents admitted to making mistakes that resulted in cybersecurity incidents. Most of the time, this involved sending an email to the wrong person (58 percent) or clicking on a link in a phishing email.

These incidents also cost businesses dearly, the report claims, with many losing customers as a result.

Distraction is the number one cause of this kind of mistake, cited by 47 percent of the respondents - and rising to 57 percent among home workers. Other notable mentions include stress and fatigue.

One in ten workers involved in an incident lost their job after sending an email to the wrong person, while one in five companies lost customers as a result.

For Jeff Hancock, professor at Stanford University and expert in social dynamics, understanding stress and its impacts on employee behavior is crucial to building a strong cybersecurity posture.

“This year, people have had to deal with incredibly stressful situations and a lot of change. And when people are stressed, they tend to make mistakes or decisions they later regret,” he explained.

“Sadly, hackers prey on this vulnerability. Businesses, therefore, need to educate employees on the ways a hacker might take advantage of their stress during these times, as well as the security incidents that can be caused by human error.”