Human Error has emerged as a Significant Cybersecurity Risk
Chuck's cyber wall
There are many Cybersecurity Risks, but none is more consistently challenging to mitigate than Human Error. Yes, we are literally our own worst enemy when it comes to cybersecurity. Accepting that Human Error puts each of us at risk is a harsh reality that we cannot afford to continue ignoring.
So, what do we mean by Human Error?

Three primary types of Human Error relate directly to cybersecurity.
Slips and Lapses: these occur when experienced people make mistakes doing routine work. Although it might seem innocuous or even innocent, this is a huge issue. Most slips and lapses occur due to fatigue, speed-working, and poor training. All of these are addressable errors that can improve several aspects of work.
Violations: best defined as a deliberate attempt to work around existing cybersecurity, this counts as human error only inasmuch as it isn’t always malicious. Sharing credentials because it’s convenient, failing to use strong passwords or MFA, using professional influence or complaining until an exception is made are all examples of violations that occur in the workforce every day.
Disregarding Security: whether due to a lack of motivation, general apathy, or falling into comfortable routines, this is by far the most challenging type of Human Error to overcome. When an adult doesn’t care about something, they will find a way to ignore it until consequences force them to make the most trivial attempts to be secure or move on.
Cyber Threats are Manifold
We live in a world where foreign governments threaten retributive cyberattacks on the United States. As if things aren’t difficult enough with increases in phishing attacks, ransomware, software vulnerabilities, and social engineering attacks. When you throw Human Error in that mix, protecting our information and digital selves becomes a near-impossible task.
Considering that a report from Stanford University and the security firm Tessian found that 9 out of 10 successful security breaches resulted from Human Error, it is a significant risk. Further, corresponding research shows that in 95% of all breaches, human error proved to be a significant contributing cause. Meaning that all that cutting-edge technology used to detect threats is only as effective as the people who install and use it.
Mitigating Human Error
As with many things, mitigating Human Error begins with acceptance. We are all targets of cyber attack. The days of not being important enough to hack are long gone. Automated bots search the internet for vulnerabilities, and when they find a vulnerability, the attack begins. It doesn’t matter to the cybercriminal who you are, how much money you make, or what you do for a living,all they seek is the vulnerability.
Usernames. Passwords. Contact lists. Personal information. After collecting every bit of information about a vulnerable target, they begin looking for ways to exploit it. That could be selling the information to another hacker, using credentials to infiltrate work or home, using stolen passwords in other accounts, and many others. If that were not enough, cybercriminals are also using artificial intelligence to create more convincing phishing emails, fake phone calls, and other social engineering attacks, making cybersecurity awareness more important than ever.
This acceptance brings with it awareness and a choice. This choice takes us back to our three primary types of Human Error.
- When we are aware that threats are present, we are much less likely to fall to slips and lapses.
- Awareness carries a greater understanding of the threat, making us less likely to look for workarounds to cybersecurity practices
- Sadly, people who are aware that they are vulnerable to attack and still choose to disregard cybersecurity are a threat to themselves, family, and friends
Yes, there are still those who will refuse to accept it, but the more who embrace it and choose to practice good cybersecurity, the better it is for us all. And if you are in business, when employees find out that cybersecurity is important to owners, executives, and managers, it is more likely to be important to them.
We live in a time when it only takes one wrong click to destroy a business, empty a bank account, or put a friend or family member in a cybercriminal’s crosshairs. Mitigating Human Error is a choice we all have to make.
Clark Computer Services offers security awareness training to help businesses overcome the risks posed by human error. Give us a call at 301-456-6931 or send an email to [email protected] and see why Clark Computer Services is simply the best choice in Cybersecurity Services.
Our Industries
Have a Question?
Give us a call
301-456-6931
Our Services
Get a Free Quote
Previous Blogs
Chuck Sperati
Director of Cybersecurity and Marketing