BAE Systems Incident Report shows human error critical piece of network vulnerability

Human vulnerability remains a major opening for cybersecurity incidents, according to a 2019 incident response report released last week by BAE Systems.

The report surveyed numerous organizations through engagement with board level executives, IT decision makers, and information security professionals to gain insight into current corporate readiness. It was clear that human error remained among the top reasons for breach, and with an increasing number of incidents occurring each month, this backdoor is becoming more problematic.

Seventy-one percent of those affected were from phishing attacks, and 65 percent were untargeted viruses or malware, opened either through mistake or deliberate attacks on employees’ daily routines. Most organizations (66 percent) deal with between one and 25 cybersecurity incidents per month, according to the report. At the same time, 26 percent of companies reported between 25 and 99 incidents per month while 8 percent reported more than 100 incidents per month.

“With the number of breaches continuing to increase and human error being a significant concern for companies, the importance of having incident response plans in place is more critical now than ever before,” Mike Hepple, Security Consulting Manager in North America for BAE Systems Applied Intelligence, said. “We found that 22 percent of the organizations we surveyed had only temporary or no incident response resources in place. This means that far too many companies are ignoring a large piece of their cybersecurity defense.”

Prevention has largely been the focus for companies to date, not reaction, and it shows. Beyond aforementioned 22 percent, only 23 percent of incident response teams even conduct readiness exercises with senior management, leaving a key — and exploitable — knowledge gap. All of this highlights why companies need response teams, BAE Systems concluded, as well as what needs the most focus.

“Given a clear understanding of the threat landscape and internal policy, incident response teams can triage, investigate, and mitigate security events effectively,” Hepple said. “Creating response plans can help align an organization’s workforce and procedures and even develop threat-modeled scenarios specific to each organization.”