For businesses of all sizes, from SMBs to large corporations – human error is still one of the main pain points when it comes to cybersecurity.
A new report from BAE Systems found 71 per cent of all recorded incidents started as a phishing attack, and roughly two thirds (65 per cent) were untargeted viruses or malware.
Incident teams, specialised IT security teams set up to combat threats that make it past cybersecurity software, are dealing with an ‘increasing number’ of incidents every month. Two thirds (66 per cent) of organisations respond to at least one, and up to 25 incidents, on a monthly basis.
A quarter have had up to 99 incidents, and eight per cent have responded to 100 or more incidents per month.
Allegedly, many organisations are simply not prepared to respond to cyberthreats. A quarter of incident response teams do not conduct readiness exercise with senior management. More than one in five (22 per cent) only have temporary incident response resources set up. Some have none.
Many organisations set up expensive and overarching security software, hoping it will keep the malicious actors outside their networks, but hackers aren’t always looking to trick the machine – they’re often trying to trick the person behind the machine, as well.
Security experts have been grinding their teeth warning organisations that employee awareness, education and training on best cybersecurity practices is essential for the security posture of any organisation.
Image Credit: Den Rise / Shutterstock