“Data by itself never walks out of the door!”
Are you guilty of accidentally hitting the “send” button to the wrong person in an email or attaching the incorrect document? Don’t worry, you are not alone. We have all done it. We are ALL human. We make mistakes, that’s part of our DNA.
Real case scenario
A SCRIPT from Star Wars: The Rise of Skywalker was nearly leaked after a clumsy actor left it in their hotel room and it was listed on eBay.
The script was discovered by a cleaner and was then "given to someone else - who then went to sell it. According to Disney… luckily an employee saw it on eBay and bought it.
Not surprisingly, Disney notorious for its airtight, spoiler-proof security measures was not pleased with John Boyega’s gaffe. Earlier this week, J.J. Abrams explained that the studio giant had distributed only “a handful of scripts, and they were printed on crazy, uncopyable paper.” But it took only one human error for the coveted property, valued at about $84, to end up on an auction site.
Human behaviour offers many opportunities for mistakes to be made, especially by those rushing to complete multiple tasks in high-stress environments.
Beyond mistakes, high levels of stress in the workplace will either create an ‘overwhelm’ which put trusted assets into vulnerable states or those people will develop negligence behaviour.
The drive for productivity comes at a cost for both efficiency, accuracy and security. When employees are rushed, they will make more mistakes, feel as if their concerns are not being considered and potentially develop a negative attitude towards management.
Mistakes can be unintentional – anything from ignoring essential security control, speaking one's mind before understanding the repercussions, or accidentally sharing or leaking sensitive corporate information.
So where does the responsibility lie to ensure organisation information is kept protected?
A finding conducted by Gemalto in 2017 called Breach Level Index revealed that 76% of all the breaches occurred because of employee error. The worst part is that they could have been easily prevented.
For organisations to limit the number of insider data breaches, it’s crucial for employees to understand the role they play in keeping the company’s data secure.
Yet, it is essential to realise that it isn’t practical for most organisations to implement 100% protection against every threat to your organisation assets.
That’s why organisations need to adopt the following intention - Employees are the first line of defence!
Gone are the days when security was the sole responsibility of the corporate IT/security department.
Today, businesses need to consider threats from insiders whether they are malicious or accidental from a perspective of “enterprise-wide”. Organisations need to develop a comprehensive risk-based security strategy to protect critical assets against the threats from inside and outside as well as trusted business partners.
Training employees to be the first line of defence doesn’t mean that being security-minded in their online activities is sufficient. Organisations need to think and act beyond that.
Organisations must understand the psychology of their workforce and the demand placed upon them by the leadership. Once these are understood, it’s the responsibility of the organisation to create a work environment conducive to positive outcomes.
To reduce the likelihood of unintentional mistakes taking place, organisations may want to consider the following measures
If you are experiencing accidental data leaks or unintentional actions that have placed your business at risk, then we can certainly help you to sort that out quickly.
To help you identify why your employees are placing your business unintentionally at risk, we need to identify your current “Employee Trust Engagement ” level of maturity. It’s a simple assessment that looks at various areas such as trust, communication, culture, organisation support, job engagement and peer connectivity.
Through a multiple-choice questionnaire, we are able to understand very quickly where your employee trust engagement maturity sits. We are then able to provide you with the right set of recommendations that will help you engender a positive organisation culture.
You can reach us at the following