The Unaddressed Gap in Cybersecurity: Human Performance

An employee at Maersk, the world’s largest shipping conglomerate, saw computer screens suddenly turn black and irreversibly lock in late June 2017. A highly engineered malware worm exploited company computers in Ukraine lacking the latest Microsoft Windows security patches. With this small foothold, the worm breached the company’s IT system and blocked access to all computers and servers worldwide, ultimately halting shipping operations for several days. The incident cost Maersk over $200 million in lost revenue, caused unquantified costs in perished goods and recovery efforts, and created a slew of unhappy customers.

The Maersk story is not uncommon. In 2015, 80 million customer records were stolen from Anthem because an unsuspecting employee responded to a phishing email. In 2017, the United Kingdom’s National Health Service suffered a ransomware attack that resulted in 19,000 canceled appointments due to the use of, once again, an outdated, unpatched version of Microsoft Windows. In 2019, data on 106 million Capital One customers was stolen via a misconfigured Amazon Web Services firewall. And the list goes on.

Read more at MIT Sloan Management Review

(Visited 67 times, 1 visits today)

The Government Technology & Services Coalition's Homeland Security Today (HSToday) is the premier news and information resource for the homeland security community, dedicated to elevating the discussions and insights that can support a safe and secure nation. A non-profit magazine and media platform, HSToday provides readers with the whole story, placing facts and comments in context to inform debate and drive realistic solutions to some of the nation’s most vexing security challenges.

Leave a Reply

Latest from Cybersecurity

Go to Top
X
X