Digital danger: The human angle

Cyber risks result more from human behaviour than technological faults. There are many ways in which a person can do the wrong thing – lack of training, poor communication, unclear role definition, deliberate misconduct… However, they all stem from two root causes: employee error or internal sabotage.

According to a survey of the insurance community by Swiss Re and IBM®, 40% of respondents believe employees lack the digital skills for the interconnected world and its risks. This indicates an urgent need for more training across industries. If 4 in 10 employees are really not up to speed, hackers will just need to knock on the door and it will open. As cyber threats grow in sophistication and volume, that is an untenable situation.

Granted, you can never totally rule out negligence. But it is possible to take measures that reduce the likelihood of errors. Encourage open discussion on cyber security in the company. Foster a culture of caution so employees are comfortable discussing something they aren't sure about. This is mainly the Chief Risk Officer's remit but all departments need to support this behaviour.

How do you deter rogue employees? Introduce a vetting system for the staff, with the most stringent checks on IT super users and senior management. Conduct random testing to check for unusual behaviour and review log files. If you find anything strange, challenge the employee concerned.

The human angle is a weakness if left unguarded. There are many ways in which employees can be duped into making an error. By the same token, if you have loyal employees with the right skills and knowledge, they can be a source of strength against cyber-attack. Give your employees the support they need to keep your cyber door shut.

A data breach doesn't mean game over. After a cyber-attack we get you back in business.

Learn more about our Cyber insurance solutions.