Unengaged employees are causing a huge security risk for businesses according to Centrify, as they become bored and make mistakes.
The security company polled 165 employees at the Infosec conference, asking what IT leaders view as the biggest contributing factors to security slip-ups.
It revealed 35% of people think distraction and boredom are the main causes of human error, which could have detrimental effects on a company's security. Other big reasons employees make mistakes include being overworked (19%), excessive policies and need for compliance (5%) and social media (5%).
However, more than half of those asked about security in their organisation said they fully expect their business will, in future, trust technology more than humans, putting them in charge of security to make sure human error isn't responsible for data breaches.
"It's interesting that the majority of security professionals we surveyed are confident that businesses will trust technology enough to replace people so that fewer mistakes are made at work, yet on the other hand firmly put the responsibility for data security in the hands of employees rather than technology," said Andy Heather, VP and managing director for EMEA at Centrify.
"It seems that we as employees are both responsible and responsible so responsible for making mistakes and responsible for avoiding a potential data breach. It shows just how aware we need to be at work about what we do and how we behave when it comes to our work practices in general and our security practices in particular."
-
M&S suspends online sales as 'cyber incident' continuesNews Marks & Spencer (M&S) has informed customers that all online and app sales have been suspended as the high street retailer battles a ‘cyber incident’.
-
Manners cost nothing, unless you’re using ChatGPTOpinion Polite users are costing OpenAI millions of dollars each year – but Ps and Qs are a small dent in what ChatGPT could cost the planet
-
PyPI attack: Targeting of repository 'shows no sign of stopping'News Greater collaboration and understanding of attackers’ tactics is key to mitigating open source security threats
-
Capita's handling of cyber attack shows companies still fail at breach reportingAnalysis Capita initially told customers there was “no evidence” of data having been compromised in the March cyber attack
-
Malware being pushed to businesses by search engines remains a pervasive threatNews High-profile malvertising campaigns in recent months have surged
-
There's only one way to avoid credential stuffing attacksOpinion PayPal accounts were breached last year due to a credential stuffing attack, but can PayPal avoid taking responsibility?
-
Five things to consider before choosing an MFA solutionIn-depth Because we all should move on from using “password” as a password
-
Cyber security suffers from a communication problemNews Negative language around ‘human failures’ is eroding trust between security teams and broader business functions - it has to stop
-
Does LastPass really deserve a last chance?Opinion After several disastrous security incidents and a communications breakdown, it’s time to leave LastPass for pastures new
-
What is the spell-jacking vulnerability and how can your business avoid exposing data?
In-depth Spell-jacking vulnerabilities are threatening to unwittingly leak data to third parties, undermining any drive to protect privacy
