Cyber Attack Number 12/15: Inside Attack & Data Breaches
/A common misconception is that Cybersecurity is all about securing a business from outside threats. The reality is that a large percentage of threats are from insiders, whether intentional or unintentional.
In 2019, 52% of breaches featured hacking, 28% involved malware and 32–33% included phishing or social engineering, respectively. - Verizon.
In Australia in the last quarter of 2019, 32% of data breaches were the result of human error.
Example: You're rushing to finish a proposal before you head out for lunch. You accidentally send the proposal to the wrong contact.
Example: You're sending out a group email. You accidentally put all the recipients in the To or CC field, rather than BCC.
Risk Mitigation: In both examples, you have just caused a data breach. If you have leaked sensitive information, and it can be used for harm, your organisation may even have to officially report it under new Australian laws. If you're using O365, there are policies you can put in place to reduce the risk of this sort of thing happening. Regular training and education of staff is also important.