Research by Igres shows human active risk The top three threats for companies
London, United Kingdom – 6 April 2022 – Egress, the leading provider of intelligent email security, today announced the results of its Human Activated Risk Report, which revealed that more than half (56%) of IT leaders said their non-technical staff was only ‘somewhat’ prepared, or ‘at all for security attacks’. Not ready. In this high-threat environment, 600 IT security leaders from a wide range of industries were anonymously surveyed about their company’s security stance. Add to that the security compromise has increased since 77% of respondents left 2 years ago and there is a continuing significant risk for companies.
Human active risk is triggered by human behavior or actions, coercion by bad actors, human error or malicious intent. Technology may not be as flawed or functional as expected, but in many cases, the fault lies with the person operating it. Whether through negligence, malicious intent, or fraud by third parties, people can knowingly and unknowingly create a huge amount of risk that security teams need to handle. Among the top attacks associated with Human Activated Risk seen by IT leaders are:
- Accidental data loss through human error
- Employee spear fishing
- Business email compromise
The results of the study show that employees are exposed to top attacks or risks that result in human-active risks, such as accidental data loss, removal of malicious data or phishing attacks. Research has shown that 39% of IT leaders rely on native protection provided by Microsoft 365 and Google to protect against intrusive phishing attacks. What was further revealed was that more than 39% of companies today have 6 or more security solutions, a method that seems to be bringing more software to solve the problem and hoping to get better instead of looking at the root cause.
Other notable research findings include:
- 30% of IT leaders are not surveyed or do not know if there is a solution to detect accidental data loss from their organization’s misdirected email.
- 60% of respondents feel that their active security solutions still present them with a challenge.
- About 30% (+/- 180 IT leaders) surveyed do not understand what human active risk is.
“Organizations are facing a serious threat landscape, and the threat of cyber-attacks is growing,” explains Jack Chapman, VP of Igres’ Threat Intelligence. It is clear that many organizations are in a vulnerable position, facing a wide range of serious cyber security threats. Organizations must take action against attackers. We need to build defenses, provide proper training programs and take meaningful steps to address the risks posed to them from the inside out. It is in a strong position. “
For more information and interview requests, please contact Jordan Brackenbury at [email protected]
Our goal is to address the most complex cyber security challenges that every organization faces: internal risks. We understand that people are hacked, make mistakes and break the rules. To prevent these human-active violations, we have created the only human-level protection platform that protects against internal and external threats. Using patented contextual machine learning we detect and prevent abnormal human behavior such as misdirected emails, data exfoliation and targeted spear-phishing attacks.
Used by some of the largest brands in the world, Agres supports private equity and has offices in London, New York and Boston.