Monday, April 30, 2018

Human Error: Leading Cause of Cybersecurity Breaches — Study

Wazzup Pilipinas!

A new worldwide study cited by leading DDoS Mitigation service provider IPC reveal that a lack of skills among employees is a critical barrier holding enterprises back from implementing threat management more effectively.

Conducted by the CyberEdge Group and IPC’s cybersecurity services partner Imperva Incapsula, the 2018 Cyberthreat Defense Report's 1,200 respondents showed that lack of skilled personnel and low security awareness among workers are the top two barriers that inhibit companies from adequately defending themselves from cyber-attacks.

The study was conducted in organizations with more than 500 employees in countries across North America, Europe, the Middle East, Latin America, Africa, and Asia-Pacific (APAC). Some key findings in the APAC region include organizations in China and Japan leading all respondents in believing that they will be compromised by a successful cyber-attack this year, Chinese companies being the world’s leading victim of ransomware, and the position of IT security architect/engineer being the hardest to fill in Japan, China, and Singapore.

“Threats are constantly evolving and the chances of being attacked are increasing significantly as enterprises everywhere integrate new web-facing technology into their day-to-day systems. New types of attack methods are always emerging, and a single employee oversight can make or break a company. This study reveals how it is imperative to keep pace with the threat landscape as it evolves and continue educating ourselves on the latest attack methods,” said Niño Valmonte, IPC’s Director for Marketing & Digital Innovation.

Human error, negligence as top risk

The revelation that the lack of employee skills is a main inhibitor to effective cybersecurity is in line with the study’s other findings. When asked on what type of attack companies are most concerned with, the respondents’ answers revealed that the top three are Malware, Ransomware, and Phishing — threats that commonly enter a computer through the negligent actions of the user.

These three attacks are often spread through spam emails that contain malicious attachments. Opening the email will end up installing the threat into a computer. What’s more devastating about this is that once installed, most of them are programmed to automatically send themselves to the mailing list of an infected computer, thereby spreading itself further. Other common sources of the top three cyber threats are malicious files hidden inside downloaded files and software, and through a method called drive-by downloading, which occurs when malicious programs are automatically downloaded by visiting an infected website.

“Cybercriminals often use trickery to get people to unknowingly download malicious files. This can be an email with a file attached that tells you it is a receipt for a delivery, a new tool for a web browser, or even a bogus antivirus program that has malware hidden inside. These are just a few examples of how attackers can infiltrate a network that every company and its employees must know about,” said Valmonte.

Making cybersecurity education a priority

In order to avoid these threats, IPC recommends that businesses conduct constant training in order to instill the right skills, awareness, and the “cybersecurity culture” required in workers to fight against new and evolving threats.

“Cybersecurity education needs to be an integral part of the workplace culture, it doesn’t mean hosting a one-time course or seminar, it means making security a collaborative, continuous cultural initiative that will take up a lot of time but is a good investment in the long run with the fate of a company at stake.”, Valmonte adds.

According to IPC, organizations must first ensure that Cyber Security Education awareness and organizational security procedures are well established not only through periodic vulnerability assessment of their network and critical systems, but also in the mind-shaping of employees’ right from the induction and training process. In line with this, Valmonte recommends executives and middle managers to foster a culture of workplace security by talking to their respective teams about the following as a start:

     Practices in keeping a computer clean, including sensibly limiting the programs, apps, and data that can be downloaded and installed, and speaking up whenever a computer exhibits strange behavior;
     Using long, strong passwords that has the combination of uppercase letters, lowercase letters, symbols, numbers, and changing them routinely;
     Recognizing and deleting email messages with suspicious subject lines and links;
     Constant and consistent backup of files and/or applications;

“By starting with these steps, a company can already drastically reduce the installation of malicious programs within their network,” said Valmonte.

About "" is the fastest growing and most awarded blog and social media community that has transcended beyond online media. It has successfully collaborated with all forms of media namely print, radio and television making it the most diverse multimedia organization. The numerous collaborations with hundreds of brands and organizations as online media partner and brand ambassador makes a truly successful advocate of everything about the Philippines, and even more since its support extends further to even international organizations including startups and SMEs that have made our country their second home.


  1. The Cybersecurity Act of 2009 is an abomination. For years, the feds have been fretting over the Internet and its ability to connect everyone from average, Best Free Plagiarism checker available.

  2. This article is helpful for me, very elaborate and intersting article. There is a need to fight against evolving threats.

  3. Aegean College is a private college in Athens, Piraeus and Larissa. Undergraduate and postgraduate studies adapted to the labor market in collaboration with British Universities. Business Administration, Health Professions, Social Sciences, Maritime and Tourism Professions. Lifelong learning seminars certified by international organizations. Top infrastructure and academic staff. Aegean College


Note: Only a member of this blog may post a comment.

Need professional help with your papers? - Visit this writing service supported by the best academic writers.
Copyright © 2013 Wazzup Pilipinas News and Events
Design by FBTemplates | BTT