Managing the Human Factor in Risk
Human error is the biggest problem facing any organisation’s information security management. Although often unintentional, data security breaches can nonetheless expose an organisation to catastrophic financial and reputational damage. The 2015 Information Security Breaches Survey indicates that 75% of large organisations have suffered staff related security breaches and 72% of companies reported staff related breaches where the security policy was poorly understood.
With 82% of the survey’s respondents reporting that their senior management place a high or very high priority to security, spending on technical security solutions continues to grow, yet very little budget is afforded to the weakest link in any security program – the user. Security technology may help to identify and prevent malicious activities but only education will help users understand the risks and why technologies are in place as well as how to act properly. Organisations are increasingly recognising the importance of user participation in educational programs, but this can be seen as a very time consuming and expensive process.
NETconsent’s Compliance Suite ensures that employees are kept up to speed with compliance issues automatically. The end result being personnel are confident, supported by clear instruction, as regards policy and procedure. On an operational level, the system tests, tracks and reports. It tests user understanding of policies, it tracks user acceptance and an audit trail offers recorded proof of employees having seen, understood and complied to policy. Real-time management reporting provides accuracy with immediacy. It gives opportunity for rapid amendment. This alongside raised employee awareness reduces risk. Automated responses to workforce mistakes, such as those associated with manual input, provide a data security safety net.
The NETconsent Compliance Suite is an agile solution for any organisation, whilst robustly addressing regulatory and legislative requirements. It is adaptable in the face of new and evolving policies, for any business, of any size. Above all, it mitigates the threat of avoidable human error, protecting data and workforce, cultivating best practice at all times.
2015 INFORMATION SECURITY BREACHES SURVEY commissioned by Department for Business Innovation & Skills conducted by PWC
75% of large organisations (up from 58% a year ago) and 31% (up from 22% a year ago) of small businesses suffered staff related security breaches in the last year.
When questioned about the single worst breach suffered, 50% of the worst breaches in the year were caused by inadvertent human error (up from 31% a year ago).
72% of companies where the security policy was poorly understood had staff related breaches.