According to new information from the Australian Information Commission (OAIC), more than half of all data breaches reported were caused by human error.
The OAIC received 63 notifications within the first six weeks of the new Mandatory Breach Notification law. Of those 63 notifications, 51% named human error as the cause of the breach, with 44% the result of malicious or criminal attack and the remainder from system faults.
Verizon recently released a report revealing that businesses are still falling behind when it comes to employee training and making sure software vulnerabilities are patched.
This is especially concerning because criminals are getting better at what they do and are continuing to go for the lowest-hanging fruit – people.
The top three industries represented by the data breach notifications were health service providers, legal and accounting/finance. All of these industries handle extremely sensitive information and are big targets for hackers trying to get a hold of it.
So with human error the biggest risk factor for businesses, what can you do to mitigate it?
It is important to continuously train your staff, as they are often the last line of defence in your business. If staff are up to date with the tricks that scammers employ, they are able to pick out red flags and avoid falling victim.
Conducting testing on your staff can also help identify vulnerabilities and let you know where to focus your training. White Hat Phishing is when fake phishing emails are sent to your staff, encouraging them to click on links or download files. Companies can then identify how susceptible they are to phishing emails and train staff appropriately.
Companies that have implemented white hat phishing have seen a significant drop in staff clicking on compromised emails.