How Human Error Can Be A Big Security Threat

4th September 2023

People make mistakes – it is part of being human. Although mistakes give us a chance to learn and grow, they can be costly when it comes to cyber security. An unintentional action or a failure to act, such as downloading a virus or using a weak password, can result in a data breach.

With 82% of cyber security breaches resulting from a human element, according to a report by Verizon in 2022, human error is one of the biggest threats that organisations face. Understanding how human error can be a significant security threat is the first step towards minimising the risks and impact.


One of the most common ways human error exposes organisations to security threats is through phishing and social engineering attacks. These attacks manipulate individuals into revealing sensitive information or taking harmful actions.

Phishing emails, for example, can appear deceptively legitimate, leading unsuspecting employees to click on malicious links or provide login credentials, compromising the organisation’s security.

Weak Passwords

Using weak or easily guessable passwords can compromise security. Many people still use passwords such as “123456” or “password” as they are easy for them to remember, but they are relatively easy for attackers to guess. Using the same password across several accounts also poses a threat as it increases the risk of a breach across multiple platforms.

Poor Security Practices

Misconfigured security settings or poor security practices can open doors to cyber threats. This can include leaving systems unpatched, failing to update software regularly, or neglecting to implement basic security measures such as firewall protection. These lapses can lead to vulnerabilities that attackers can exploit.

Lack Of Awareness

Human error often arises from a lack of awareness and training. Employees who are not adequately educated about security risks may unintentionally download malware or fall victim to scams. Ensuring employees are given comprehensive training can enable individuals to better recognise potential threats and respond appropriately.

Data Handling Negligence

Another example of human error is negligence in data handling. Leaving confidential documents unattended, improperly disposing of sensitive information, or sharing files without appropriate protection can all contribute to data breaches.

Unsecured Device Or Network

Failing to secure personal devices used for work, or connecting work devices to unsecured networks, can lead to the accidental exposure of sensitive company data and critical information to potential threats.

How To Mitigate The Threat Of Human Error

It may be impossible to eliminate human error, but there are several ways you can reduce the risk and impact of security breaches resulting from human error.

Foster a workplace environment which emphasises that security is everyone’s responsibility, and invest in regular and comprehensive training for employees at all levels.

Enforce strong password policies and implement multi-factor authentication, and ensure all systems, software and applications are regularly updated and patched.

Monitor and audit systems to detect and respond to incidents promptly, and develop and regularly update incident response plans to minimise the impact of attacks.

For help managing IT, seek advice from a trusted IT provider. Here at ECL, we have a track record of successfully creating and implementing business continuity plans, managing cyber security threats, and protecting data. To learn more about how we can help, contact our team of IT experts today.
