Despite all the advances in cybersecurity these past few years, one thing will remain a constant in 2023: People will remain the No. 1 cybersecurity risk for any organization. As evidence to support this assertion, the Verizon 2022 Data Breach Investigations Report found the “human element” was a “key driver” in 82% of data breaches.
Backing up the Verizon data is the 2022 SANS Security Awareness Report, which found that an organization’s employees and vendors continue to drive breaches – whether intentionally or unintentionally.
“People have become the primary attack vector for cyber-attackers around the world,” wrote Lance Spitzner, SANS Security Awareness Director. “Humans, rather than technology, represent the greatest risk to organizations, and the professionals who oversee security awareness programs are the key to effectively managing that risk.”
Are You at Risk of an Insider Threat?
The 2022 Ponemon Cost of Insider Threats Global Report found that 56% of inside jobs were caused by employee or contractor negligence – at an average cost of $484,931 per incident. Despite all the training, employees and contractors are still likely to provide threat actors with an entry point through social engineering, phishing, or lapses that include sharing of passwords and login credentials.
What’s more, data from the 2022 Honeywell Industrial Cybersecurity USB Threat Report indicates that 52% of cybersecurity threats were specifically designed to use removable media, up from 32% in 2021 and more than double the 19% reported in the 2020 study.
These two reports combine to underscore a lethal concoction for cybersecurity professionals: negligent employees and contractors who remain unaware of cyber threats and cyber criminals exploiting this negligence by using removable media as the primary source for their attacks.
What You Can Do Now
USB port locks, network module locks, LAN cable locks, and secure USB hubs for your attached USB devices are inexpensive devices that can prevent negligent and malicious insiders from connecting removable media – USB flash drives, external hard drives, and anything else you can imagine – to your computers and/or your network.
Physically securing your data perimeter is a surefire way to protect your endpoints, preventing a triggering event that takes down the entire network or leads to a costly and embarrassing data breach.
