Intelligent CISO Issue 81 | Page 45

Industry Unlocked
Human error is particularly common in data handling tasks like email, where autocomplete features, large attachments and sensitive information are everyday concerns. As Mavridis points out, in the legal sector, data from the UK’s Information Commissioner’s Office indicated that last year, 4.2 million people were potentially affected by law firm data breaches, with over half of those incidents tied to human error. These incidents could be caused by anything from relying too much on the autocomplete in an email address field, to accidentally emailing the wrong John or Jane at a third-party supplier or partner. This is an industry-wide issue, but it’s one that can be reduced by creating a work environment where secure practices are easier to follow than to bypass.
Mavridis went on to highlight that rather than viewing employees as a liability, organisations can instead treat them as their greatest asset in data security. When the right tools and processes are in place to support employees, they are more likely to follow secure practices without feeling burdened. Musumeci agreed: the focus should be on equipping people with simple, accessible tools that make it easy to do the right thing, reducing the reliance on manual vigilance and minimising the risk of errors.
Security by process, not by enforcement
For cybersecurity measures to be effective, they need to feel like a natural part of employees’ daily routines. When security protocols add too much friction, employees are more likely to find workarounds, potentially increasing risk. Musumeci emphasised that in sectors where urgency is high, such as healthcare, where split-second decision-making can sometimes mean the difference between life and death, employees are quite right to consider cybersecurity as secondary to their immediate tasks. This isn’t an employee problem, but a process problem. While some industries such as IT may view cybersecurity as core to their everyday responsibilities, there are countless sectors where cybersecurity is not – and shouldn’t be – the primary focus.
Mavridis discussed the value of tailoring security tools to meet the unique demands of different roles within an organisation. Instead of expecting employees to navigate a blanket set of rules, organisations can adapt security protocols to fit the specific tasks employees perform, considering the types of data they handle and the workflows they rely on. By integrating security steps directly into
Anita Mavridis, VP of Product, Zivver
Sue Musumeci, Director of Quality & Clinical Informatics, Chronic Care Staffing