In the third video from BSI Learnings Future Learning Podcast, Damien Cantelo, CEO of Apollo, shares his invaluable insights and a real-world business case study, shedding light on the pervasive issue of human error in cybersecurity breaches.
As the cybersecurity threat landscape changes, organisations grapple with an array of threats, and human error emerges as our top vulnerability. Damien Cantelo, CEO of Apollo and an expert consulting closely with a range of top organisations discloses a staggering statistic – over 85% of major data breaches can be attributed to mistakes made by individuals who click a link, share information or inadvertently provide access to threat actors.
The role of Human Error:
The podcast then delves into specific instances of businesses falling victim to breaches caused by human error. A notable case is the SolarWinds data breach in 2020, where a seemingly minor oversight by an intern inadvertently exposed critical source code on GitHub due to a simple password choice. This breach had far-reaching consequences, infiltrating major organisations globally, prompting President Biden to issue an executive order to reform reporting practices.
Case Study – SolarWinds:
The SolarWinds incident serves as a poignant reminder that even monumental cybersecurity breaches can stem from seemingly trivial lapses in judgement. Lack of awareness and training for the intern, coupled with oversight from their manager, could have prevented a catastrophic breach affecting some of the world’s most prominent organisations.
Damien emphasises the implications of such incidents and underscores the urgent need for heightened awareness and training across all organisational levels. The conversation then focuses on the threat posed by third-party systems, highlighting the challenges organisations face in securing subscription-based and cloud-based systems they have less control over.
Other Common Challenges:
Another human-related breach discussed is the act of emailing the wrong recipient, showcasing the significant impact even seemingly mundane errors can have, especially when sensitive information is involved. Cantelo stresses the importance of maintaining vigilance, as a simple mistake can lead to major consequences for both individuals and organisations.
Conclusion:
The key takeaway is that human error will always be a challenge in securing our systems and software, but proactive measures, including continuous awareness training and robust security protocols, can significantly reduce their frequency and impact. Organisations must prioritise cybersecurity education and instil a culture of vigilance to protect against evolving digital threats.
In our next section of the BSI Future Learning Podcast:
Kala, Simon and Damien delve deeper into the human side of cybersecurity, exploring the ongoing need for strict rules and checklists to hold teams accountable and equip them with the necessary tools for maximum protection. Join us on this journey as we navigate the challenges of modern cyber readiness and empower organisations to stay ahead.
Thanks again for tuning in to The Future Learning Podcast!
Watch in the video below or listen/follow along on Spotify or Apple podcasts.
