Expert calls for quarterly cybersecurity training given threat of human error

'Threat actors': One-third of IT, security professionals attribute data breaches to human error

Expert calls for quarterly cybersecurity training given threat of human error

Human error remained the leading cause of data breaches in 2023, according to a new report, as cybersecurity incidents see a surge in the past year.

The 2024 Thales Data Threat Report revealed that 31% of IT and security professionals attribute data breaches to human error, remaining in the top spot for “threat actors” since 2022.

The findings validate fears from executives around the world that human error will be the cause of their next cybersecurity breaches.

Rahul Mahna, partner and head of Outsourced IT Services at EisnerAmper, previously urged employers to carry out regular training for staff to prevent such incidents from taking place.

"Given the increase in virtual/hybrid work, most companies should be conducting cybersecurity training at least quarterly," Mahna previously said.

Malware, ransomware attacks

Other threat actors to organisations include external attackers such as hacktivists and nation-state actors, according to the Thales report.

Malware also remained the top threat source across organisations in the past year. The report said cloud assets, including SaaS applications, cloud-based storage, and cloud infrastructure management, remain the primary targets for such attacks.

Enterprises that were hit with ransomware attacks surged by over 27% in the past year, coming in second in the list of threat sources after malware. According to the report, eight per cent of enterprises ended up paying ransom demands.

Meanwhile, IT and security professionals said their major causes of concerns now include artificial intelligence (57%), Internet of Things (55%), and post quantum cryptography (45%).

Compliance key to cybersecurity

The report from Thales, which surveyed 2,961 IT and security professionals from 18 countries across 37 industries, sheds light on how businesses are adapting their data security strategies and practices amid an evolving threat landscape.

"If there's one key takeaway from this year's study, it's that compliance is key," said Sebastien Cano, Senior Vice President at Thales Cloud Protection and Licensing, in a statement.

According to the report, 43% of enterprises failed a compliance audit in the past 12 months. Among them, 31% experienced a breach in the same year, much lower than the three percent who passed compliance audits.

"Companies that had a good hold over their compliance processes and passed all their audits were also less likely to suffer a breach," Cano said. "We'll start to see more compliance and security functions coming together. This would be a huge positive step to strengthen cyber defences and build trust with customers."

Recent articles & video

Singapore employers mandated to consider requests for flexi-work

Pros and cons to pay transparency in Singapore

UAE employers told to keep employees safe amid adverse weather

AI may speed up recruitment – but it won’t get any easier

Most Read Articles

MoneySmart's ex-head of tech under fire for new role at rival firm

Novartis to cut over 600 jobs amid global restructuring

Singapore hikes qualifying salaries amid foreign-local talent competition: report