Almost a third of cyber breaches due to employee error

Accidental cyber breaches caused by employee error or third party suppliers accounted for 30% of the total breaches recorded in the first six months of 2017.

 

Wednesday 2

 

Almost a third of cyber breaches due to employee error

That is according to new research by Beazley Breach Response (BBR) Services, which reveals that these types of breaches were particularly prevalent in the healthcare sector, where they accounted for 42%.

 

However, hacking and malware attacks continue to dominate, and were responsible for 32% of the incidents that were experienced by organisations this year.

 

“Unintended breaches account for almost one-third of all data breach incidents reported to Beazley and show no signs of abating,” Katherine Keefe, global head of BBR Services, said.

 

“They are a persistent threat and expose organisations to greater risks of regulatory sanctions and financial penalties. Yet, they can be much more easily controlled and mitigated than external threats.

 

“We urge organisations not to ignore this significant risk and to put more robust systems and procedures in place.”

 

This comes after previous research from Willis Towers Watson (WLTW) earlier this year showed that companies are focusing on technology at the expense of people risks when trying to improve their cyber defence.

 

Its data shows that approximately 90% of all cyber claims are the result of some type of human error or behaviour, while employee negligence or malicious attacks account for 66% of cyber breaches.

 

By contrast, only 18% are driven by an external threat, and cyber extortion accounts for just 2%, with businesses now being urged to focus more on how their workforce could be leaving them vulnerable to cyber risks.

 

“Evidence suggests that many businesses are taking an overly technocratic approach to cyber risk and are in danger of missing the bigger picture,” WLTW global cyber risk head, Anthony Dagostino, said.

 

“While technology has an important role to play, it really needs to be linked with an understanding of the human element.

 

“The simple truth is that a data compromise is more likely to come from an employee leaving a laptop on the train than from a malicious criminal hack.

 

“We believe employees and companies with a strong culture and cyber-aware workforce are the first line of defence against cyber risk.”

 

Most popular

  1. InsurTech investment predicted to reach record high

    Insurance technology companies attracted $3bn (£2.4bn) of investment in the first half of 2019 worldwide, and are on track to receive a record $6bn by the end of the year.

    11 September 2019

  2. Driverless vehicles could make motor premiums vanish

    The adoption of driverless vehicles could see up to three in five motor insurance premiums vanish worldwide, a study by global law firm Kennedys has suggested.

    04 September 2019

  3. Cyber security breaches predicted to rise 70% by 2024

    Cyber security breaches will increase by nearly 70% over the next five years and cost firms around $5trn (£4trn) annually, up from approximately $3trn today.

    23 August 2019

White paper

  • Quarterly InsurTech Briefing Q1 2017

    Why InsurTech? A Pressured Insurance Value Chain

    By Andrew Sagon, Andrew Johnston and Matthew Wong

    InsurTech is a burgeoning phenomenon that is modernising the insurance industry. It is disrupting the traditional value chain whereby insurers offer loss protection, and shifting the emphasis to risk mitigation. Incumbents face disintermediation as investors in search of higher yields pour money into insurance-linked instruments in the capital markets. And entrepreneurial businesses are targeting friction costs and inefficiencies within every aspect of the traditional value chain.

     

     

  • Insurance big data – float like a butterfly, sting like a bee

    Nimbleness and agility will unlock potential

    By Elinor Friedman, Andrew Harley and Klayton Southwood

    Recent Willis Towers Watson surveys in the U.S. have shown that P&C and life insurers in developed markets are taking seriously the potential of big data and predictive analytics to improve their businesses. Nimbleness and agility, rather than brute force, are likely to be key to realizing that potential.

    Download PDF

  • The new era of insurance analytics

    Driven by technology, toolkits and talent

    By Claudine Modlin and Graham Wright

    Advanced analytics is helping some insurers offer innovative products and solutions. What do insurers need to know about the changing nature of analytics and whether it is worth the investment? Claudine Modlin and Graham Wright discuss technology, toolkits and talent — topics that may help you decide.

    Download PDF

  • How can we manage the dynamic nature of cyber-risk?

    Risk transfer is part of a comprehensive solution

    By Adeola Adele, Patrick Kulesa, Kevin Madigan and Alice Underwood

    Given the dynamic nature of cyber-risk, taking a multidimensional approach that integrates board governance, technology solutions, behavioral change and risk transfer solutions can help reduce risk to a manageable level.

    Whitepaper Form