Human Factor in Information Security
Posted: Tue Jan 07, 2025 4:15 am
From confidential data leaks to large-scale hacker attacks, many incidents involve insiders who use their official powers to harm employers. The culprits are usually found and punished. But is the question of guilt always clear in such cases?
When investigating incidents, factors that could influence an employee's behavior and ultimately provoke him to commit illegal actions are often overlooked. And most importantly, these factors are usually hidden inside organizations: in the system of hiring, monitoring, and motivating personnel.
Stanislav Karpovich, Business Development Manager lebanon whatsapp phone number of the Cyberpolygon Department of Solar Group, destroys established myths associated with cyber incidents.
Subscribe to RB.RU in Telegram
Content:
Myth 1: Hardware is not as important as people
Myth two: “We check everyone thoroughly”
Myth three: the scapegoat is always to blame
Myth number four: “our information security department is invulnerable”
Myth number five: Employee training should be done by the employees themselves
Myth 1: Hardware is not as important as people
According to the results of 2023, the total amount of damage from incidents related to information security breaches amounted to about 156 billion rubles. The internal violator factor prevails in incidents related to information leaks due to deliberate actions of insiders.
As investigations of cyber incidents show, many organizations do not monitor the activity of their employees, which allows insiders to steal data for years without fear of exposure.
The average damage from one information leak for Russian organizations in 2023 was about 5.5 million rubles, and there may be several such incidents during the year.
To reduce such risks, classes of information security solutions have been developed :
When investigating incidents, factors that could influence an employee's behavior and ultimately provoke him to commit illegal actions are often overlooked. And most importantly, these factors are usually hidden inside organizations: in the system of hiring, monitoring, and motivating personnel.
Stanislav Karpovich, Business Development Manager lebanon whatsapp phone number of the Cyberpolygon Department of Solar Group, destroys established myths associated with cyber incidents.
Subscribe to RB.RU in Telegram
Content:
Myth 1: Hardware is not as important as people
Myth two: “We check everyone thoroughly”
Myth three: the scapegoat is always to blame
Myth number four: “our information security department is invulnerable”
Myth number five: Employee training should be done by the employees themselves
Myth 1: Hardware is not as important as people
According to the results of 2023, the total amount of damage from incidents related to information security breaches amounted to about 156 billion rubles. The internal violator factor prevails in incidents related to information leaks due to deliberate actions of insiders.
As investigations of cyber incidents show, many organizations do not monitor the activity of their employees, which allows insiders to steal data for years without fear of exposure.
The average damage from one information leak for Russian organizations in 2023 was about 5.5 million rubles, and there may be several such incidents during the year.
To reduce such risks, classes of information security solutions have been developed :