Human Error

5 Ways to Reduce Human Error and Increase Information Security

According to a recent study, 70% of health organizations and business associates stated that their top threat to information security is human error. According to CompTIA, the IT industry trade association, human error accounts for 52% of breaches. Here are five ways that companies can reduce human error and increase information security.

Training

The first way is to provide extensive and frequent training and promote awareness of security issues. Anything from a stray comment on Facebook, to using the same password for a personal/professional account, to downloading an app on a personal device can provide access to criminals bent on breaching security.

Crew resource management (CRM) training, which focuses on recognizing potential security incidents, communication, problem-solving, teamwork, and decision-making, has been shown to significantly reduce human error. Even in information security, humans are the strongest resources in potential crisis scenarios. In cybersecurity, CRM training means imagining and rehearsing scenarios and how to respond to and contain them.

According to the CompTIA study, only 54% of those surveyed said that their company offers cybersecurity training—and of those, only 65% said that training was ongoing.

Additionally, one of the biggest factors leading to human error is overwork and fatigue. Exhausted humans make more mistakes than tired humans. In other words, one of the best techniques for preventing breaches is making sure a business has a happy, rested workforce.

Multifactor Identification and Authentication Management

Many industries (including, unfortunately, nuclear plants) still use factory-set passwords like “1234” for sensitive equipment. Many security experts recommend “multifactor authentication,” which uses several factors to identify and authenticate users. Even adding one more factor to the criteria for identification and authentication can increase security.

However, multifactor identification is not impervious to hackers, and there are many ways to bypass it. Thus some have advocated doing away with passwords entirely, and switching to biometric identifiers—a thumbprint, for instance—along with other credentials that cannot be stolen or forgotten.

Network Management

Understanding the network is essential to managing it. What dependencies does it have? Which technologies does it use, and how can their security be improved? What assets could be targeted by hackers? What sensitive information must be protected to contain threats to the business or to comply with federal law?

Mapping the network is a vital step towards understanding it from a broader perspective. It allows for analysis that is only possible with a wider view of the overall system. Networks are incredibly complicated systems: routing rules, access rules, NAT, VPN, host services, patches, and assets must all be understood in relation to each other.

Next, a threat and risk analysis of the security infrastructure must be carried out. This shows which factors need greater security and management at the micro level. From there, network administrators can run risk assessments to better manage the network’s security and to plan how best to contain breaches in worst-case scenarios, depending on what information was compromised.

System Monitoring and Surveillance

If hackers get a foothold because of human error, there are still ways to minimize impact. However, this requires that the breaches be identified. System monitoring and surveillance techniques use programs to identify indicators of possible cybersecurity incidents so that they can be contained.

System monitoring and surveillance involves both machine and human intervention. Machines collect data, and humans analyze it to determine whether the network is secure. Humans then decide where intervention is most needed. This requires standardized rules and best practices for triage (prioritizing issues by where the risk is greatest), investigation, response, and reporting.

Breach Detection

However, prevention isn’t enough. Cybersecurity breaches will happen, and the most damage is caused just after a breach.

To detect breaches, businesses must identify the “breadcrumbs” that attackers leave behind during each stage of the attack. Attackers move across networks in abnormal ways: generating connections to command and control servers, or using any available credentials to gain access to sensitive assets (e.g., using a login from an employee in one department to gain control of something completely unrelated). Some breach detection software identifies these odd behaviors as signs pointing towards a breach.

However, the first line of defense is still the human being. A human understanding and analysis of the system is essential to implementing the best monitoring and breach detection techniques.
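The cross-department credential pattern described above can be checked against a simple peer-group baseline: learn which departments normally use each asset, then flag live access that falls outside it. This is an added example, not code from the original article; the event format, user names, and asset names are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample access events (not real logs): (phase, user, department, asset)
EVENTS = [
    ("baseline", "alice", "finance", "ledger-db"),
    ("baseline", "bob", "finance", "ledger-db"),
    ("baseline", "carol", "engineering", "build-server"),
    ("baseline", "dave", "engineering", "build-server"),
    ("baseline", "erin", "hr", "payroll-app"),
    ("baseline", "alice", "finance", "payroll-app"),
    ("live", "bob", "finance", "ledger-db"),           # normal: matches baseline
    ("live", "frank", "engineering", "build-server"),  # new user, own department's asset
    ("live", "carol", "engineering", "payroll-app"),   # department with no history here
    ("live", "erin", "hr", "hsm-console"),             # asset never seen in baseline
]


def build_baseline(events):
    """Map each asset to the set of departments that used it during the baseline phase."""
    baseline = defaultdict(set)
    for phase, _user, dept, asset in events:
        if phase == "baseline":
            baseline[asset].add(dept)
    return dict(baseline)


def find_anomalies(events, baseline):
    """Return (user, asset, reason) for live events that fall outside the baseline."""
    findings = []
    for phase, user, dept, asset in events:
        if phase != "live":
            continue
        known = baseline.get(asset)
        if known is None:
            # No history at all: route to an analyst rather than guessing.
            findings.append((user, asset, "asset not in baseline"))
        elif dept not in known:
            reason = f"{dept} has no history on asset used by {sorted(known)}"
            findings.append((user, asset, reason))
    return findings


if __name__ == "__main__":
    for finding in find_anomalies(EVENTS, build_baseline(EVENTS)):
        print(finding)
```

Grouping by department rather than by individual user keeps a new hire's first access to their own team's systems from raising an alert, while an unseen asset is reported separately so an analyst can decide whether it is new infrastructure or something unexpected.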


Sources

https://iapp.org/news/a/the-biggest-threat-to-data-security-humans-of-course/

https://www.shrm.org/resourcesandtools/hr-topics/risk-management/pages/human-error-top-cause-data-breaches.aspx

https://securityintelligence.com/how-to-reduce-human-error-in-information-security-incidents/

https://www.crest-approved.org/wp-content/uploads/2015/05/Cyber-Security-Monitoring-Guide.pdf

http://www.networkworld.com/article/2173927/tech-primers/best-practices-for-network-security-management.html

https://techcrunch.com/2014/09/06/why-breach-detection-ss-your-new-must-have-cyber-security-tool/