• 11 September 2019
  • 2 min read

Why do people make mistakes?

TSC’s sister organisation, the Security Awareness Special Interest Group (SASIG) connects cybersecurity professionals from all areas. We invite SASIG Supporters to share their cybersecurity insights...

Mistake 600x450 580x250 acf cropped

TSC’s sister organisation, the Security Awareness Special Interest Group (SASIG) connects cybersecurity professionals from all areas. We invite SASIG Supporters to share their cybersecurity insights in The Insider. In this piece, we review a report from machine learning email security company Tessian, delving into human error, the reasons why it happens and how to minimise it.


human error mistakes

The greatest vulnerability

If you’ve recently deployed the latest and greatest cybersecurity solution, congratulations, you’re one step closer to having control and visibility over your organisation's threat landscape. But the reality is that whatever systems you put in place they do not address the most serious threat — human error.

While every employee should be considered a vital part of the information security team, it is a hard and frustrating fact that not all employees have the same level of security awareness and training as a CISO, nor do all employees display safe information security behaviour 100% of the time.

Consider this: 88% of UK data breaches are caused by human error, not cyber attacks (source: Verdict)

Arguably, this is never truer than when it comes to emails. Email remains the number one channel of communication in the enterprise, and as a result, the primary way data is lost and systems are compromised. From phishing in all its guises, through data exfiltration to incorrectly addressed communications, email starkly exposes an organisation’s human weak spot.

Enter SASIG Supporter Tessian, experts in human layer security, focussed on protecting all human-digital interactions in the enterprise. They have developed a range of machine-intelligent filters to protect people using email.

They have also produced a report – Why do people make mistakes? – which, as the title suggests, examines the causes and triggers of human error.

It explores:

    • Factors in the workplace that impair people's ability to make the right cybersecurity decisions all of the time

    • The need for business to find ways to protect their people and mitigate costly mistakes

With analysis from academics at the University of Central Lancaster and Lancaster University, Tessian looks to switch the narrative from ‘we all know humans are the weakest security link’ to focussing on finding solutions that protect people and reinforce safe email practices.

Have a read and re-appraise your approach to email security and human error.

Read Tessian's report here...



See how we can help you protect your organisation today?