CFOtech India - Technology news for CFOs & financial decision-makers
India
Guides
#
big data
#
business intelligence
#
cybersecurity
#
digital transformation
#
work from home
Search
Story image
#
IAM
#
Ransomware
#
MFA
Human error is the top cyber threat, according to CTOs
Thu, 29th Feb 2024
Author image
By Shannon Williams, Journalist
Follow us

A recent study by IT consulting agency STX Next reveals that 59% of Chief Technology Officers (CTOs) regard human errors as the most significant cyber threat within their organisations. The study also pointed out ransomware (48%) and phishing attacks (40%) as major concerns.

The research found that in the face of these threats, most CTOs deploy multi-factor authentication (MFA) and identity access management technology (IAM), with 90% and 91% adoption respectively. The study is based on STX Next's 2023 Global CTO Survey, which questioned 500 CTOs worldwide about the primary challenges their organisations face.

Additional findings showed that only a quarter (24%) of the respondents identified security as the main organisational challenge, ranking fourth. Regardless of the increasing risk of attack, less than half (49%) of the surveyed companies currently have a cyber insurance policy, while slightly more than half (59%) have implemented a ransomware protection solution.

The survey results also revealed that only 36% of companies maintain dedicated in-house security teams, contrasting with 53% that employ external specialised companies for security provision.

Krzysztof Olejniczak, CISO at STX Next, commented on the findings, "The data from this year’s survey indicates that employees are still the weakest point of company security. Despite deployment of comprehensive technology, poor implementation, substandard support processes or lack of governance can render these efforts useless."

Olejniczak continued, "Cybercriminals are often not relying on incredibly advanced and sophisticated methods of attack, but on human error and social engineering techniques. This method of attack is still the most popular and successful." He further pointed out that human errors can also include internal fraud, "where employees intentionally do not follow procedures and expose critical information."

Besides educating staff to recognise and respond to new threats and periodically testing their resilience, Olejniczak suggests that "solutions such as MFA, IAM and SSO are quickly becoming an industry standard for the modern business and can provide an additional line of defence to limit the risk of human error."

Olejniczak also highlighted the necessity of smaller companies to access the services of specialised cybersecurity solutions or providers in the form of vCISO services, due to generally lacking in-house security teams. He emphasised that without adequate protections, businesses put themselves at risk of attacks, either directly or through their supply chain. He concluded by stating, "Whether in-house or outsourced, CTOs and CISOs must take steps to support their teams and ensure that they are prepared and protected for the inevitability of attack."

Related stories
Ransomware activity spikes 20%, hospitals now in crosshairs
Three ways employees can spot a deepfake scam
Titans of Tech - Mike East of Cado Security
AI foundries & digital factories will change humankind, NVIDIA CEO says
2024: The top 10 professional services firms (revenue + margins)
Top stories
Zscaler introduces enhanced ZDX service for improved IT operations
The importance of cybersecurity training for software developers
Dropbox unveils new features for remote work, enhances Microsoft integration
Top tips for renovating your revenue management function in FY2025
New report reveals stark divide in global AI progression