PhishNet

The Cost of Human Error in Cybersecurity

Human error is often the weakest link in an organisation’s cybersecurity defences. While technological solutions can go a long way towards protecting data and systems, they are only as good as the people who use them. All too often, it is people who make the mistakes that lead to data breaches or allow malicious actors to gain access to systems.

The Office of the Australian Information Commissioner (OAIC) reports that about 30% of overall data breaches are caused by human error. According to the Verizon 2022 Data Breach Investigations Report, 82% of data breaches involved a “human element,” including social attacks, user errors, and overall misuse.

The Cost of the Human Risk Element

The cost of human error in cybersecurity can be significant. According to an IBM report, the average cost of a data breach is US$4.24 million (approximately AU$6.13 million).

In addition to the financial cost, an organisation can also suffer reputational damage. Recently, the Australian Federal Court determined that an Australian Financial Services licensee mismanaged their cybersecurity risk, which resulted in cyber criminals obtaining access to their clients’ valuable and sensitive information. Such consequences are especially devastating when cybersecurity awareness training may have helped mitigate the risk of a breach.

Mitigate the Risk of Human Error with Cybersecurity Awareness Training

Just how successful is cybersecurity awareness training in fighting data breaches related to human error? According to the Ponemon Institute, even minimally effective training programs yield a 7x return on investment. A middle-of-the-road option resulted in a 37x ROI.

About PhishNet

PhishNet delivers highly effective, engaging and affordable cybersecurity training that empowers staff to reduce an organisation’s risk.

Talk to PhishNet today to learn more or check out our free Risk Assessment.