Employee-Caused Breaches Hurting Bottom Line

What’s the most serious information security threat today? Hackers? Overly complicated corporate networks? None of the above: it’s good old-fashioned human error.

That’s the key finding from a new study performed by the Computing Technology Industry Association, or CompTIA. In the industry group’s annual report on information security, human error was found to be responsible for almost 60% of security breaches last year.

That was a large increase over the prior year’s survey, in which human error was to blame for 47% of breaches. Experts say that in an industry that prides itself on constant progress, such a large shift in the wrong direction is a major red flag.

Inevitable result?
To some extent, U.S. businesses have only themselves to blame for the rise in human error. Despite years of warnings on the importance of training and education, the CompTIA survey found the following:

Security training was required in only 29% of the companies surveyed.

Similarly, only 36% of respondents said they offer security awareness training to end users.

To put these numbers in perspective, 99% of companies use anti-virus software, and 91% use firewalls. Security analysts have long known that as security technology improves, hackers and corporate spies simply work harder to break the weakest link in the security chain: employees.

Other notable results from CompTIA:

Virus and worm attacks were the most commonly mentioned security problems for the fourth year in a row.

Approximately 40% of responding companies said they’d experienced at least one security attack in the past year.

Large companies (those with more than 7,000 workers) and educational institutions were most likely to be attacked.

© National Security Institute, Inc.