3 Eye-Opening Stats about the Human Aspect of Cybersecurity

According to the World Economic Forum, 95% of cybersecurity breaches are caused by human error. The human aspect of cybersecurity is arguably the most crucial part of any security system. 

 

And though software solutions such as MSSPs and automated pentesting services are becoming more advanced, skilled security professionals won’t really be replaced by automated software.

 

Even the fastest and most complex AI cannot easily surpass the decision-making prowess and the experience of a skilled security professional. 

 

Aside from what a skilled professional adds to your security, let’s look at other human aspects of an online security system. The security system also includes the people that are being protected and the perpetrators of attacks.

Attackers don’t need to be technologically advanced.

78% of IT leaders claim that C-Suite execs are the most likely to be targeted by phishing attacks, according to Forbes

 

Phishing is the most common and most effective attack against businesses. According to our own research, phishing attempts to C-Suite execs have a 41% success rate. That means at least one in three attempts to phish for info results in a successful breach.

 

The reason for the success is that phishing attacks are based on human nature rather than on technology or software. A person orchestrating an attack doesn’t have to be technologically advanced. They just need a landing page or a form to get a person’s credentials and send it through email.

 

The tactic is more about how the email can look legitimate and encourage a person to enter their credentials. And once a hacker gets a credential such as a username and password, they can most likely access anything from the organization that they hacked.

 

According to Google, only 35% of online users have different passwords for different accounts. And what’s worse, only 45% of users would change their passwords even if they were already breached.

 

And that’s the main reason why phishing attacks are so effective, especially against C-Suite executives.

 

To combat this, we suggest having a password management system or using 2FA, either software-based or implemented locally, to make sure that credentials are ever-changing, even if there is a security breach.

 

Credential management is one of the tasks that a Chief Information Security Officer (CISO) deals with.

48% of organizations have basically given up on proactively setting up a cybersecurity system, according to Cisco

The phenomenon, coined by Cisco as “cybersecurity fatigue”, has two components: the first is multivendor complexity and the second is the long disruptions that fixes sometimes cause.

 

Multivendor complexity is understandable and most common among small to medium businesses, which only add other security solutions once they can afford them, leading to different vendors for different security implementations.

 

The fix would be to have an all-in-one solution or to have a CISO as the point of contact among a security vendor network.

 

Or, much better, a CISO that already has a local network of security solutions, like Cyber Strategy Institute’s vCISO, which has access to our solutions like Warden (MSSP), Uncharted (Dark Web Monitoring), Mimic (Automated Pentesting), Scrutiny (SOC2 Audit), Prestige (Reputation Management), and Inception (Web3 Support).

An Individual Hacker Only Needs $1 to Acquire Their Tools and Only $25 to Obtain a Million Compromised Credentials, According to Fortune

This stat contrasts with the $8 trillion cost to businesses due to cybercrime damage, according to Security Intelligence.

 

The vast inequality between the cost to attack and the cost to protect your system can also cause cybersecurity fatigue.

 

Organization leaders might be discouraged from paying for security solutions when they see this disparity.

 

However, once you really look into the numbers, you will see how having a security solution will be worth it.

 

For example, Dark Web monitoring such as Uncharted is only $0.50 per element being monitored. If you monitor your email and run a live scan once a week, that would be $26 for an entire year of monitoring. If you want to track more items less frequently, you can do that as well. If you’re going to monitor over 10 items, we have discounts available, such as a family or business plan.

 

For a business, that is a lot compared to spending $200,000 to pay a ransom for stolen data, or more for experts, new measures or staff to repair damaged parts of your business.

 

Then imagine not even being at risk from the malware they could use on your network, thanks to a Managed Security Service Provider (MSSP) like Warden that can stop unknown files before they can do anything, through our partner’s patented technology. At $17 a month, you can have your protection fully managed, with incident handling if necessary, for free. Learn more about all the benefits here.

Conclusion

A great security system is led by people using the right software. Though software and automated solutions exist, detection-based computational power cannot beat stopping the criminal before he or she can get to you, by stopping unknown files from executing and sweeping compromised passwords. Included in this is a hardened veteran with 20-plus years of experience and the adaptability of the human mind, and Cyber Strategy Institute is here to help you.

 

If you are interested in Dark Web monitoring through Uncharted, MSSP Warden or our vCISO solution, contact us now.