Stanford Research: 88% Of Data Breaches Are Caused By Human Error



Running Into a Data BreachA recent 2020 report we just discovered confirms what we have been saying for many years now. About 9 out 10 data breaches are caused by your users. We are pleased that the somewhat older data from Trend Micro we were referencing was proven still valid. 

Researchers from Stanford University and a top cybersecurity organization found that approximately 88 percent of all data breaches are caused by an employee mistake. Human error is still very much the driving force behind an overwhelming majority of cybersecurity problems.  

The study was done by  Stanford University Professor Jeff Hancock and security firm Tessian. The study “Psychology of Human Error” highlighted that employees are unwilling to admit to their mistakes if organizations judge them severely.

Understanding the psychology behind human errors helps organizations to know how to prevent mistakes before they turn into data leaks. According to the study, nearly 50% of the employees stated that they are “very” or “pretty” certain they have made an error at work that could have led to security issues to their company. The study goes into detail about the differences between young and older employees, where younger users will more easily admit to mistakes and are also easier to phish.

Other Findings include:
  • Nearly 45% of respondents cited distraction as the top reason for falling for a phishing scam.
  • 57% of remote workers admit they are more distracted when working from home.
  • The top reasons for clicking on phishing emails are the perceived legitimacy of the email (43%) and the fact that it appeared to have come from either a senior executive (41%) or a well-known brand (40%).

“Your employees are focused on the job you hired them to do and when faced with to-do lists, distractions, and pressure to get things done quickly, cognitive loads become overwhelming and mistakes can happen,” the study report concluded. Stepping users through new-school security awareness training is a must that you simply cannot afford not to do.

Full article at CISO MAG.


Request A Quote: Security Awareness Training

products-KB4SAT6-2-1New-school Security Awareness Training is critical to enabling you and your IT staff to connect with users and help them make the right security decisions all of the time. This isn't a one and done deal, continuous training and simulated phishing are both needed to mobilize users as your last line of defense. Request your quote for KnowBe4's security awareness training and simulated phishing platform and find out how affordable this is!

Get A Quote Now

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

https://www.knowbe4.com/kmsat-security-awareness-training-quote



Subscribe to Our Blog


Comprehensive Anti-Phishing Guide




Get the latest about social engineering

Subscribe to CyberheistNews