Cyber Pros failing due to knowledge gaps causing preventable errors

March 2, 2024

TLDR:

  • Three in four successful cyber breaches involve human error
  • Lack of theoretical and practical knowledge in cybersecurity professionals leads to on-the-job errors

A recent Kaspersky study found that human error plays a significant role in cybersecurity breaches: three in four successful breaches involve some form of human error, such as privilege misuse, stolen credentials, or falling victim to social engineering tricks. The study also highlighted a knowledge gap among newly minted cybersecurity professionals, which could contribute to on-the-job errors.

Despite the need for better-trained cybersecurity staff, there is a shortage of cybersecurity professionals, with the cybersecurity talent gap reaching four million in 2023. Entry-level cybersecurity professionals often exhibit gaps in their knowledge, leading to common mistakes such as failing to update software, using weak passwords, and neglecting backups. These mistakes can be detrimental to organizations and highlight the need for comprehensive onboarding processes and upskilling opportunities.

To address the knowledge gap and integrate cybersecurity professionals more smoothly into the workforce, Kaspersky recommends updating training programs, providing real-life cybersecurity experiences through internships, and investing in upskilling programs for corporate staff. Education and training are crucial in addressing human errors in cybersecurity and can help prevent breaches caused by user behavior.

Overall, the study emphasizes the importance of continuous education and training in the cybersecurity field to reduce errors and enhance the overall security posture of organizations.
