You are only as strong as your weakest link and the cybersecurity industry is no different. A recent survey by SolarWinds, a provider of IT management software, pointed out that negligent users are the biggest cybersecurity threat to German organizations. The company did the survey in a bid to highlight the threats the cybersecurity professionals are facing daily.
The research, which surveyed over 100 information technology professionals from Germany, stated that user errors constituted the largest share of cybersecurity incidents in the last 12 months, at a whopping 80 percent. The study stressed on the fact that internal factors are the most pressing cybersecurity threats. User errors were followed by exposures caused by poor network system or application security at 36 percent, and external actors infiltrating the company’s network at 31 percent.
To understand the factors contributing to the trend, the survey also found out that poor passwords were one of the major concerns for German techies. Nearly 45 percent of the respondents stated that poor and weak passwords were one of the biggest reasons for the breaches, while 42 percent of the respondents stated that sharing passwords is also another grave contributor. Other factors were accidental exposure, deletion, modification of critical data and even copying data into unsecured devices.
To top it all, it was also revealed that 89 percent of IT experts felt that they were unequipped to successfully implement and manage cybersecurity tasks today, with their current IT skillset.
“Our research shows once again that the biggest risk to the organization comes from the inside, aligning with research SolarWinds conducted in other regions earlier this year,” said Tim Brown, vice president of security, SolarWinds. “This underscores the continued need for organizations to address the human side of IT security and consistently educate users on how to avoid mistakes while encouraging an environment of learning and training. However, that alone is not enough; tech pros also need the best possible technology to effectively fight against both threats from the inside and potentially more sophisticated threats from the outside. SolarWinds is committed to helping IT and security teams by equipping them with powerful, affordable solutions that are easy to implement and manage. Good security should be within the reach of all organizations.”
It is not always an accidental error from insiders; sometimes these incidents are a part of a much larger scheme. Earlier this year, a recruiter from the telecommunications company AT&T Network was charged for paying insiders to upload malware on the company’s computer networks to unlock cell phones.
According to the United States Department of Justice (DOJ), the insiders, who worked in AT&T’s Bothell Customer Service Center, allegedly exploited AT&T’s proprietary locking software to remove millions of phones from the AT&T network system and payment plans, which incurred a loss of a million dollars to the company. It’s said that Fahd and his co-conspirators gave over $1 million in bribes to install malware and spying devices in the company.