Cyber Security Blog

Blog about ongoing issues and research in cyber security, risk, and solutions.

Cyber Breaches - Human Errors

Recently there have been a number of highly publicized losses of data to hackers.  When first presented in the news it appears that hackers have been able to find their way into business data stores by cracking passwords, finding flaws in payment systems, and producing creative attacks.  After closer evaluation most of the breaches are a result of human-beings who work for the affected company.  Again, no matter how much a company spends on cyber security tools and systems, the true weakness is in the employees who are easily fooled by emails.  I received an email the other day from my email provider (at least it said it was from my email provider!).  They indicated that a request had been received to terminate my email account.  To resolve the issue, I just needed to send in my password to prove that I did not want to close my account.   Amazing that anyone would fall for that but apparently, there are senior and junior employees who respond quickly, often with the help of IT.  Until we are able to get employees to think and not respond then we will continue to hear about breaches and the failure of cyber security when in reality it is a human error. 

Gordon Skelton