Human error is biggest problem in cybersecurity, Nuix survey finds

Robert Powell, III// December 16, 2016//

Listen to this article

Human mistakes poses one of the greatest threats to cybersecurity, according to a new survey.

The technology company Nuix, which has its North American headquarters in Herndon, on Friday released the findings from its third annual survey of corporate information security practitioners. They almost universally agreed that human behavior is their largest security threat.

While businesses were investing to develop cybersecurity capabilities, many survey respondents were uncertain about the most effective technologies and capabilities to focus on.

“Cybersecurity no longer has an air of mystery about it for executives and directors, but human behavior and technological uncertainty remain prominent barriers to corporate confidence,” Ari Kaplan, the report's author, said in a statement.

The research surveyed respondents' current and planned spending. Nearly four in five respondents (79 percent) said they had increased spending on data-breach detection in the past year, and 72 percent said they planned to do so next year.

Nonetheless, a majority of respondents (52 percent) said preventing data breaches was their top spending priority, while 42 percent said detection was their primary focus.

Security executives almost unanimously agreed that human behavior was their greatest vulnerability (97 percent of participants in this year's survey, up from 93 percent last year and 88 percent in 2014).

To counter this threat, businesses are less likely to use fear to convey important security ideas — 24 percent of this year's respondents tried to scare people, compared with 39 percent last year. Instead, security leaders are using policies, awareness, and training to help people become part of the solution.

“Where this breaks down is that a large proportion of people, even after they've had security awareness training, will still put their organizations at risk by opening malicious attachments and visiting suspect websites,” Jim Kent, global head of security and intelligence at Nuix, said in a statement. “While the policies and training are crucial, we need to get better at 'idiot-proofing' our technology so that even if people do the wrong thing, the malware doesn't run or doesn't achieve its goals.”

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Select Region or Brand

Upcoming Event