Up to 90% of data breaches in the Leeds City Region are caused by human error.
Nine out of ten of the 2,376 breaches reported were due to “mistakes by users”. Phishing was named as the main cause of breaches which was 45% of all the reports.
Unauthorised access, brute force password attacks and ransomware were also highlighted.
‘Human error’ is often used as a convenient umbrella term when we don’t understand (or don’t want to acknowledge) the things that really make it difficult for people to behave securely. Making it easier for people to engage in their organisation’s security culture can improve the effectiveness of cyber security measures.
In times of crisis, a well crafted and communicated plan helps everyone understand the path forward and their role. Creating an Incident Response (IR) plan is not going to take away the anxiety, but it will make co-ordination much clearer and convey to staff and clients the organisation is in control.
The plan could include:
- Who is responsible?
- The initial steps the organisation takes to secure the situation?
- Commissioning an IR specialist that does the technical part of the remediation
- Making a documented report of the situation
- A communication plan to the relevant stakeholders in the company and any 3rd parties
- Lessons learned and protecting the business for the future
Cyber threats are unfortunately another hazard that all business sectors need to live with. However with some pre-planning, training and technology in place businesses can reduce their risk and be confident that if a breach happens, they know how to respond to it.
We recommend sourcing a local IT company to assist you.
If you plan to buy a product or service for your business in the next 12 months please complete the form below.