Sunday December 15, 2019
Home Lead Story New Report Re...

New Report Reveals Employee Errors Lead to Over Half of Cybersecurity Incidents

“Taking a comprehensive, multi-layered approach — which combines technical protection with regular training of IT security specialists and industrial network operators — will ensure networks remain protected from threats and skills stay up to date,” Shebuldaev said

0
//
Data,Privacy
A French soldier watches code lines on his computer during the International Cybersecurity forum in Lille, northern France, Jan. 23, 2018. VOA

Despite automation, human factor can put industrial processes at risk. A new report has revealed that employee errors or unintentional actions lead to over half of cybersecurity incidents in industrial networks.

Organisations are experiencing a shortage of professionals to handle new threats, said the report from cybersecurity firm Kaspersky.

Organisations are also worried that their operational technology and industrial control system (OT/ICS) network operators are not fully aware of the behaviour that can cause cybersecurity breaches, according to the report titled “State of Industrial Cybersecurity 2019”.

These challenges make up the two major concerns relating to cybersecurity management and go some way in explaining why employee errors cause half of all industrial control system incidents — such as malware infections — and also more serious targeted attacks.

americans, inactive
FILE – A worker sits a computer at the Department of Homeland Security’s National Cybersecurity and Communications Integration Center (NCCIC) in Arlington, Va., Aug. 22, 2018. VOA

In almost half of companies (45 per cent), the employees responsible for IT infrastructure security also oversee the security of OT/ ICS networks, combining this task with their core responsibilities.

Such an approach may carry security risks. Although operational and corporate networks are becoming increasingly connected, specialists on each side can have different approaches and goals when it comes to cybersecurity.

Also Read: Google, Wipro to Speed up Digital Shift of Enterprises: Report

“This year’s study shows that companies are seeking to improve protection for industrial networks. However, this can only be achieved if they address the risks related to the lack of qualified staff and employee errors,” said Georgy Shebuldaev, Brand Manager, Kaspersky Industrial Cybersecurity.

“Taking a comprehensive, multi-layered approach — which combines technical protection with regular training of IT security specialists and industrial network operators — will ensure networks remain protected from threats and skills stay up to date,” Shebuldaev said. (IANS)

Next Story

37% Computers that Collect Biometric Data Face Hacking Attempts: Report

1 in 3 biometric data computers face hacking attempts

0
data hacking
One in three computers that collect biometric data have faced many hacking attempts. Pixabay

One in three computers (37 per cent) engaged in collecting biometric data globally faced hacking attempts in the third quarter of this year, a new report said on Friday.

The devices — servers and workstations — use to collect, process and store biometric data (such as fingerprints, hand geometry, face, voice and iris templates).

Overall, a significant number of conventional malware samples were blocked, including modern remote-access Trojans (5.4 per cent), malware used in phishing attacks (5.1 per cent), ransomware (1.9 per cent), and Trojan bankers (1.5 per cent), said the team from cybersecurity firm Kaspersky ICS CERT.

“The existing situation with biometric data security is critical and needs to be brought to the attention of industry and government regulators, the community of information security experts, and the general public,” said Kirill Kruglov, senior security expert, Kaspersky ICS CERT.

Biometric data
The existing situation with biometric data security is critical. Pixabay

An analysis of threat sources showed that Internet is the main source of threats for biometric data processing systems — threats with this source were blocked on 14.4 per cent of all biometric data processing systems.

This category includes threats blocked on malicious and phishing websites, along with web-based email services.

“Though we believe our customers are cautious, we need to emphasize that infection caused by the malware we detected and prevented could have negatively affected the integrity and confidentiality of biometric processing systems,” Kruglov added.

Threats blocked in email clients were ranked third (6.1 per cent — in most cases these were typical phishing emails (fake messages on the delivery of goods and services, the payment of invoices, etc.) containing links to malicious websites or attached office documents with malware.

Also Read- Uber Launches Campaign for Women and Youth in India

Like many other technologies that have lately been rapidly evolving, biometric authentication systems have proved to have significant generic drawbacks.

“The key shortcomings of biometric authentication technologies are usually cause by information security issues,” said the report. (IANS)