To Err is Human, but Data Loss is Preventable.
Prepare for Data Breaches.
In honor of this year’s theme for Cybersecurity Awareness Month – “See Yourself in Cyber” – we’re looking in the mirror and addressing the data breaches caused by human error. Unfortunately, humans continue to be one of the biggest causes of data loss. However, according to at least one survey, cyberattacks are taking over the top spot.
Considering that simple mistakes often enable ransomware and phishing attacks – i.e., clicking a bad link, using an obvious p@$$word123, or accessing critical information on public Wi-Fi networks – cyberattacks and human error go hand in hand. So, what’s the difference between accidental and malicious data deletion as it relates to human error versus cyberattack? More importantly, how do MSPs protect clients from inevitable data deletion and data breaches caused by human error if they’re so prevalent?
Keep reading to…
- Understand the differences between data breaches caused by human error and by cyberattacks.
- Evaluate the impact of data deletion – be it an accident or for malicious gains – and take a security-first approach to live with both realities.
- Reinforce cybersecurity with clients and prepare your MSP for overcoming today’s cyberattacks.
Oops, Mea Culpa! Data Breaches Caused By Human Error
As is obvious, data breaches caused by human error are simply mistakes…accidents…blunders…but these whoopsies can have enormous consequences. A well-intentioned employee can unknowingly open the entire business to a potentially fatal ransomware attack. All it takes is one click.
“The human element continues to drive breaches. This year 82% of breaches involved the human element. Whether it is the use of stolen credentials, phishing, misuse, or simply an error, people continue to play a very large role in incidents and breaches alike.”
Knowing that humans play a big role in data loss is one thing – understanding what we’re doing wrong is another thing. Data breach analysis is necessary to interpret and address the issues of human error and accidental data loss. Changing how humans behave isn’t easy, no matter how much cybersecurity training you put them through. Organizational policies, procedures, and safeguards, however, have a way of saving us from ourselves (sometimes). Look at these common examples of data breaches caused by human error to understand what’s going on so you can help clients reduce these incidents from occurring.
Humans Being Human
The simple fact is that humans are going to be human. We delete things from the company file server to “clean up” – without thinking that other people may need that data. We bypass secure VPNs and on-prem connection requirements to save time and work on public Wi-Fi networks. Prioritizing our immediate desire for speed and preference, for example, above data protection, significantly reduces security. With that said, most of us have been there. Assuming “it won’t happen to me,” we break the rules. It might not happen to you this time, but the more people break the rules – and with higher volumes of people who can break them – the more likely a business will experience a data breach caused by human error.
Remote and hybrid work has dramatically expanded the perimeters of data protection. In-office employees have access to optimal security and backup conditions, including corporate firewall protection and the ability to quickly back up to a dedicated local BDR server. Conversely, out-of-office employees rely on use policies for safe data access in collaboration and productivity tools like Microsoft 365 and Google Workspace – both of which should have their own backups.
As mentioned above, this is where human preference collides with human error. People save files from laziness or ease of access to non-approved locations, like their desktops and personal devices. Now, if an employee accidentally deletes the data, overwrites the data on an unprotected system, or compromises the device via damage, theft, or loss, the data is gone.
Bring Your Own Device (BYOD)
BYOD policies allow employees to use their personal cell phones for work purposes. Employers typically pay a monthly stipend to help employees cover costs, and employees are happy not to carry around two cell phones. The potential for disaster is obvious. Not only are cell phones easy to lose and destroy, but unless the company has demanded access to the phone for backup and disaster recovery protections, there’s no telling if or how business data is being secured.
This is obvious after the last two… Whether it’s cell phones and tablets out in the field or laptops at home, devices are easily lost, stolen, or destroyed. Beyond the security risks of data breaches caused by human error and accidental data deletion, equipment woes are expensive and frequent. A laptop is stolen every 53 seconds, mostly from bars, public transportation, workplaces, and conferences. Seventy million smartphones are lost each year, with only 7% recovered. And every lost mobile device can cost your business $50,000. Around 30% of Americans report losing a work device, and less than half of them said they contacted their company after it was lost or stolen.
Device Management and Offboarding
With all of this data on a variety of devices, being accessed on a variety of networks, by a variety of users, and in various locations, management is challenging. Businesses must know who is working from what device and make sure they have the cybersecurity protection required on their device. On top of that, when employees leave, their data needs to be transitioned back to the company and preserved. Many highly regulated industries require years of data retention, and deleting that data could put you in jeopardy of being out of compliance.
Preserving data is especially hard with Microsoft 365 and Google Workspace. Often, when an employee leaves the company, the company is forced to keep paying for the license just to retain the data. If the accounts are terminated, the data is gone forever. Axcient x360Cloud allows MSPs to archive the data in Microsoft 365 to close accounts and reduce costs without losing data.
$h!t, We’ve Been Hit! Data Breaches Caused by Cyberattack
As opposed to accidental data breaches caused by human error, cyberattacks are malicious efforts by bad actors to encrypt, sell, or destroy data to gain money or wreak havoc. Unfortunately, cyberattacks continue to increase in both frequency and sophistication year over year. Two of the most popular attack strategies are phishing and ransomware.
The problem with phishing is that it works. In a survey of 1,000 MSPs, 54% say spam and phishing emails are the most common delivery method and the most significant cybersecurity vulnerability causing ransomware infections. The next two highest reported causes are poor user practices/gullibility (27%) and lack of cybersecurity training (26%). The positive takeaway from these statistics is the human factor.
Phishing doesn’t work without a human opening the email, clicking the link, or completing the action requested. In fact, more than 99% of cyberattacks rely on human interaction to work successfully. Despite 95% of organizations saying they deliver phishing awareness training, Terranova Security’s Gone Phishing Tournament finds that almost 20% of all employees are likely to click on phishing email links, and 67.5% of those go on to enter their password credentials on a phishing website. Obviously, there’s a disconnect between employee training and identifying risks in the real world – and it’s costing SMBs, on average, $25,612.
“…while only 2.9% of employees may actually click on phishing emails, a finding that has been relatively steady over time, that is still more than enough for criminals to continue to use it. For example, in our breach data alone, there were 1,154,259,736 personal records breached. If we assume those are mostly email accounts, 2.9% would be 33,473,532 accounts phished (akin to successfully phishing every person in Peru).”
Ransomware has been and continues to be the king of cyberattacks these days. It’s often what’s unleashed after bad actors gain entry to systems via human error. Despite an abundance of press surrounding ransomware and the fact that both MSPs and SMBs are targeted in ransomware attacks, some SMBs are still not prepared with comprehensive business continuity and disaster recovery solutions (BCDR). To jog your memory about just how lousy ransomware is, here are some of the latest statistics:
- 78% of MSPs reported ransomware attacks on their clients from 202-2021.
- 13% increase in ransomware in 2021 – a rise as significant as the last five years combined.
- 40% of ransomware incidents involve desktop sharing software, typically used by remote or hybrid employees.
- 35% of ransomware incidents involve email, such as phishing attacks.
- 50% of ransomware demands are more than $50,000.
- 80% of businesses that pay the ransom suffer a second ransomware attack, often by the same threat actor group.
Unfortunately, SMB clients can grow numb to all the cyberattack strategies and statistics threatening their business. The belief that “it won’t happen to me” can cause business owners to put training on the back burner. Cost-conscious SMBs might prioritize profits and growth over cybersecurity and the consequences of data loss. Regardless of these hurdles, businesses must regularly confront the number one cause of data loss they’re up against – human error – which leads to cyberattacks.
The Best Offense is a Security-First Approach Defense
As an MSP, it’s your job to prepare clients for the realities of the cybersecurity threats against them. Taking a security-first approach means you don’t hope it won’t happen; you assume that it will. Using educational resources like this threat glossary designed for end users and our MSP Quick Guide: Surviving a Total Ransomware Takedown is a great way to start. MSPs and their SMB clients need to confront the reality of data breaches caused by human error. The bottom line is it’s going to happen. Preparing for it – with a comprehensive BCDR solution, disaster recovery planning, cyber liability insurance, and practiced incident response policies – determines survival. Are you ready?
About the Author: Carissa Johnson // Product Marketing Manager, Axcient
Carissa Kohn-Johnson has a background in behavioral and physical healthcare technology and information technology and currently works as the Product Marketing Manager for Axcient. She has a lot of MSP Channel experience from planning and attending hundreds of conferences and tradeshows, and found her passion in technology, and working with MSPs in particular. She serves on the Information Services Advisory Board for her community and feels most at home with other technology-forward people. Connect with her on LinkedIn – perhaps you can contribute to the Axcient blog?