The “Human Element” Accounts for 74% of Data Breaches
People are one of the most common factors contributing to successful data breaches. This year’s newly-released Data Breach Investigations Report outlines the three primary ways attackers gain initial access to an organization: credentials, phishing, and exploitation of vulnerabilities.
In the figure below, it’s evident that the first two are the primary problem:
Source: Verizon
According to the report, approximately 90% of initial access involves social engineering and people. Putting this together, it becomes evident that social engineering is used primarily to obtain credentials from a victim that has no idea they are being scammed.
Security Awareness Training is key in helping to reduce the likelihood of users falling for social engineering scams – whether in email, on the web, in a text, etc. – designed to harvest credentials (or any other malicious outcome). Interested in learning more about our security awareness training solutions? Contact Yeo & Yeo Technology.
Information used in this article was provided by our partners at KnowBe4.