The Human Factor of Cybersecurity
Since 2014, the Human Factor report has explored a simple premise: that people—not technology—are the most critical variable in today’s cyber threats.
In cybersecurity terms, 2021 was the breakout year when financially motivated cyber crime became a national security issue. It was also a year marked by ceaseless creativity from threat actors who worked to undermine digital defenses and take advantage of the many opportunities presented by an uncertain world.
After a year that changed the world, it turns out that some things stayed the same. Attackers remained as unscrupulous as ever, making protecting people from cyber threats an ongoing—and often fascinating—challenge.
What this report covers
This report dives deep into each of three facets of user risk–Vulnerability, Attacks and Privilege.
It examines key developments in the threat landscape. It explores the developing relationship between cyber criminal groups and what it means for the rest of us. And it explains how a people-centric defense can make users more resilient, mitigate attacks and manage privilege.
This report covers threats detected, mitigated and resolved during 2021 among Proofpoint deployments around the world, one of the largest, most diverse data sets in cybersecurity.
Mingling to business and personal
According to the results of a recent Proofpoint survey, almost half of working adults shifted to a remote working environment as a result of COVID-19. One thing to emerge clearly from this shift is a definite mingling of business and personal. And this is perhaps nowhere more apparent than in how people use their personal and work devices.
Nearly three-quarters said they used a personal device for work purposes.
77% said they accessed personal accounts on an employer-issued device.
55% of respondents admitted that they allow friends and family to use their work computers and phones.
Ponemon Institute has reported a 44% increase in insider threat incidents since 2020.
2021 was a year unlike any other, for both cybercriminals and security professionals
A year that saw an explosion of ransomware, a new breed of SMS attacks, and where legitimate cloud services became a hotbed for criminal activity. We detail all these developments, as well as prevention strategies, in our new report: The Human Factor 2022.
Download today to learn:
- The ways attackers are targeting your people.
- The harm caused when privileged access is compromised.
- Why a people-centric cyber defense is essential.
Thank you for filling out the form. Join our webinar where we’ll examine key findings from the new report.
Report Highlight: Quantifying Vulnerability
The easiest way to quantify vulnerability without putting your organization at risk is to test employee responses to simulated threats. Data collected last year from our phishing simulation tool showed a failure rate range of between 4-20% depending on the type of attack being tested.
Viewed by department, failure rates vary from 6-12% with the average being 11%. Several high-profile (and highly targeted) departments fill out the lower reaches of the table, including IT, legal and finance, though there are several potentially lucrative targets at or above the average rate, including operations and purchasing.
Report Highlight: Malware Who’s Who
In January 2021, an international law enforcement operation took down the Emotet botnet. Overnight, a threat responsible for nearly 10% of the previous year’s malicious email activity was gone. But cyber criminals are nothing if not opportunistic, and other operators stepped up to fill the gap. In 2021, a group we call TA511 emerged as the undisputed volume leader for malicious email, sending three times as many messages as the next most prolific attacker.
Report Highlight: High-privilege users disproportionately targeted in cyber-attacks
Across the organizations in our dataset, around 10% of users are classified as being managers, directors or executives. However, our data shows that this group represents almost 50% of the most severe risk or attack.
Similarly, departments that deal with sensitive information, such as finance, human resources and legal tend to be at higher risk than functions such as marketing and product.
One thing immediately stands out in the leaked chats is Conti’s organizational structure. The group operates like an ordinary business, with salaried employees, vacation allowances and a human resources department.
Conti Ransomware GroupRead the full report
Over the past year, we’ve seen a growing trend of cyber criminals going to surprising lengths to develop rapport with victims before attempting to initiate an attack.
"Friendly" FraudstersRead the full report
In any given month, more than 80% of our customers receive a threat that appears to originate from one of their suppliers.