The Human Operating System Key Role in Data Breaches


The human operating system continues to be the key role in cybersecurity incidents and data breaches, as revealed by Data Breach Digest by Verizon:

Data breaches are complex affairs often involving some combination of human factors, hardware devices, exploited configurations or malicious software. As can be expected, data breach response activities—investigation, containment, eradication, notification, and recovery—are proportionately complex.

The report highlights 16 average breach scenarios. However, each scenario has its alterations. This fact links to a variety of outcomes involving the damage level and the overall aftermath of a breach incident.

Related: Australian Red Cross Data Breach: 550,000 Blood Donors Exposed

Furthermore, the report breaks down into four bundled groups:

  • The human factor or four scenarios stressing on the human-related threat actors;
  • Conduit devices and four related scenarios about device misuse;
  • Configuration exploitation and four scenarios on reconfigured or misconfigured settings;
  • Malicious software and four scenarios on “special-purpose illicit software”.

The researchers explained that they categorized each scenario in one of two ways: “prevalent” or “lethal.” The “prevalent” scenarios are the ones seen most frequently. On the other hand, “lethal” scenarios are those seen less frequently, but considered most destructive. Of the all the 16 scenarios, the team identified ten as the most prevalent and six as the most lethal.

The Human Element in Data Breaches

Human beings play a significant role in data breaches and cybersecurity incidents. This should come as no surprise – after all, we are the ones who produce, consume, use, depend on, and as a result, have to secure and protect digital data. Because of this, humans fulfill the roles of threat actors, targeted victims, cybersecurity defenders and incident response stakeholders, the report explains.

The conclusion? The team looked at data over the previous three years and saw that nearly half (49%) of all breached involved one or more the human elements.

For full technical and analytical disclosure, have a look at the full report.

Milena Dimitrova

An inspired writer, focused on user privacy and malicious software. Enjoys 'Mr. Robot' and fears '1984'.

More Posts - Website

Please wait...

Subscribe to our newsletter

Want to be notified when our article is published? Enter your email address and name below to be the first to know.