Get in touch





I agree to the
terms & conditions


Human Error: are your colleagues putting you at risk of a data breach?

Organisations know that by investing in their IT security they can massively reduce the risk of a crippling cyber-attack or a data breach. What many businesses are forgetting, however, is that it’s all well and good investing in products and processes, but there is one more ‘P’ that most certainly needs supporting.

That ‘P’ stands for people.

According to information from the Information Commissioner’s Office, it’s clear that 9 out of 10 of the cyber-breaches that were reported to the ICO last year in 2019 were actually the result of errors made by employees (6 out of 10 from phishing). That’s up by 29% since 2017 – so what is causing these blunders and how do we prevent them?

This blog discusses why employees make mistakes, what the consequences of human error can be for your organisation and why educating your staff is just as important as having a firewall.

What causes humans to make mistakes that lead to a breach?

There are many ways a user can make a mistake that can lead to a cyber-attack. One key contributor is phishing.

Phishing accounts for nearly 50% of all reports to the ICO. Phishing is forever on the rise as cyber-criminals continue to find cunning ways to get their malicious emails into people’s inboxes. In fact, 92% of malware is delivered via email to users and 16 malicious emails are received by the average user each month. A simple lack of employee awareness of today’s threats is therefore detrimental to your security posture – if users do not understand how to spot a phishing email, it’s likely they’ll fall victim to one. Feel free to check out our helpful guide “Off the hook: 6 Tips to avoid Phishing scams” to help educate yourself and your colleagues on how to spot phishing emails.

Another issue associated with human error is unauthorised access. Unauthorised access is where an individual gains access to an organisation’s data, networks or endpoints without permission. This can occur when users either use weak passwords or are targeted in a social engineering attack. An example of a social engineering attack would be receiving an email from an individual who is impersonating a senior member of your organisation, asking for credentials or requesting for an invoice to be paid. Like with other types of phishing emails, cyber-criminals can make these messages seem highly legitimate – but this doesn’t mean they are impossible to distinguish if users are skilled up with relevant training.

What are the implications of human error?

There are a wide variety of security risks that are the result of human error. As we are sure you know, it is usually the intention of a cybercriminal to either steal or destroy your organisation’s private data or to compromise your systems and use them for illegitimate activity. The consequences of both things can damage your business’ reputation and provoke fines imposed by the ICO on the back end of GDPR.

Educating your employees is important

Security awareness training is a great way to educate your employees about the dangers and risks associated with cyberattacks and can drastically reduce the chances of human error. One key benefit of security awareness training is the simple fact that it reduces errors. A recent INFOSEC study showed that if a programme was implemented to teach them about common scams and phishing emails that they were much less likely to accidently click on links or open files.

As a result of staff education, your organisation will also benefit from more vigilant employees, increasing security and possibly saving time and money.

You can learn more about how security education can benefit your organisation in our blog “6 Key Benefits of Security Awareness Training”.

If you have any questions about security training programmes, please get in touch with Nouveau by calling 01189 186824 or email in to hello@nouveau.co.uk


” I would like to take this opportunity to thank you for all the prompt assistance you provided us with during this project.

Could you kindly express our gratitude to your engineers for the excellent work they carried out for us. “

Farhad | London Borough of Hounslow

×


” Being responsible for IT in an organisation which is very tech dependant is a real challenge, especially having no formal IT experience myself.  Having the Nouveau team at the end of the phone is a real-life saver and I have needed a life line many times.  I most appreciate the accessibility, knowledge and friendliness of the team. “

Judith Ball | CFO | Aspen Worldwide

×

Euronics Logo
” The company I work for has been using Nouveau Solutions for the past 15+ years and I have had the pleasure myself to build up a good, close relationship with them for about 12 of those years.

Nouveau Solutions have dedicated teams for each different area that are made up of very knowledgeable technicians and engineers that specialise in their specific area of expertise. It is due to this that I always feel confident that Nouveau Solutions will be able to deliver us any IT services that we may request from them (there has been a lot over the years).

They have always gone above and beyond to deliver high quality professional IT services to meet any requirements that we throw at them within any timeframes that we may set.

On top of the ad-hoc IT services we request from Nouveau Solutions, they also monitor, manage, maintain and support some of our network infrastructure and have always been on hand to resolve any issues that may be noticed via their monitoring or raised by us within a timely manner.

We also purchase the majority of our IT equipment including hardware, software and licensing through Nouveau Solutions which is always at a reasonable price and always received within a timely manner.

Since day one of our relationship with Nouveau Solutions we have been appointed to the same one account manager which has allowed him to get to know our business very well. The service that has been provided by him to us has been nothing but exceptional. He always comes across as knowledgeable in any business discussions that we may have and has always been happy to take the time to communicate with us, make us aware of anything that we need to be aware of, or provide us with updates on anything.  I have always had the impression that his main priority is to ensure that we are happy with everything that Nouveau Solutions provides to us and he will do anything to ensure that is the case.

All in all, I have nothing but praise to offer for Nouveau Solutions and would highly recommend them to any company that was looking for an IT services company.  There are definitely no plans here to switch to a different IT services company for the foreseeable future.

Here’s to many more years with using Nouveau Solutions! “

Lee Burgess | IT Systems Administrator | Combined Independents (Holdings) Ltd

×


” Nouveau have been brilliant from start to finish – very professional and competitive with their service and pricing. We needed a large number of Firewalls to deploy across our global company over a very short time period and thanks to Jack’s excellent availability, Nouveau’s turn-around time was extremely swift, even with nearly no notice. Nouveau not only provided us with the hardware  – one of their competent technicians supplied us with some design work in the past to help with our data centre firewalls replacement project! Nouveau have been great to work with. “

Hassan Ashraf | IT Service and Infrastructure Manager | Everlight Radiology

×


” In the summer of 2017, I approached Nouveau in the hope of finding a competent partner that could help us through an upcoming hardware refresh. A priority of ours was to discover a local business (within 20 miles) that excelled and specialised in HPE, Dell, Fortinet and Microsoft/Office 365 as we planned to refresh our whole core infrastructure,. This included storage, infrastructure hosting and networking (core, access and perimeter) for our headquarters and our other branches. After an extensive phase of speccing, detail planning and quoting, Andy Swain and his team were able to offer a “spot on” solution for our demands with a very high cost/value ratio. This project led to a very open and trusting partnership with Nouveau and made them our No.1 partner within IT. “

Stefan Nader | Ensilica

×