Tessian Study Uncovers Extent of Human Error in Cybersecurity
Tessian recently released the results of The Psychology of Human Error report. This report catalogs the effects of human error on enterprise cybersecurity and the root causes. Additionally, Tessian explores the impact of remote working on human error in a cybersecurity context.
Tessian focuses on machine learning email filters, spear-phishing prevention, data loss, data exfiltration, and non-compliant activity. In other words, they specialize in securing the human layer, as employees and other users constitute the largest cybersecurity attack vector.
According to Tessian’s studies on human error in cybersecurity, 43 percent of employees made mistakes that led to serious business repercussions; these repercussions could include job and customer loss. Additionally, one in four surveyed respondents said they have clicked on a link in a phishing email at work. Over half—58 percent—sent an email to the wrong person, with one in five companies losing customers as a response.
Why does this happen? Distraction appears to be the most prominent reason for human error in cybersecurity. 47 percent of employees cited distraction as the top reason for falling for a phishing scam. Meanwhile, 41 percent said they sent an email to the wrong person because they were distracted. Unfortunately, 57 percent admit they become more distracted when working from home. However, 52 percent of employees say they make more mistakes when they’re stressed.
Tim Sadler, CEO and co-founder of Tessian, gave comments on The Psychology of Human Error report. “Businesses have adapted quickly to the abrupt shift to remote working. The challenge they now face is protecting data from risky employee behaviors as working from home becomes the norm. Human error is the biggest threat to companies’ data security, and IT teams lack true visibility of the threat. Business leaders need to address security cultures and adopt advanced solutions to prevent employees from making the costly mistakes that result in data breaches and non-compliance. It’s critical these solutions do not impede employees’ productivity though. We’ve shown that people will find workarounds if security gets in the way of them doing their jobs, so data loss prevention needs to be flexible if it’s going to be effective.”
Learn more about Tessian here.