Security Issues: Identifying the Root Cause



Question

Which of the following is responsible for MOST of the security issues?

Answers

Explanations


A. B. C. D.

C.

Personnel cause more security issues than hacker attacks, outside espionage, or equipment failure.

The following answers are incorrect because:

Outside espionage is incorrect as it is not the best answer.

Hackers is also incorrect as it is not the best answer.

Equipment failure is also incorrect as it is not the best answer.

Reference: Shon Harris AIO v3, Chapter 3: Security Management Practices, Page 56

The answer to this question is C. Personnel.

While outside espionage and hackers can certainly pose a significant security threat, the vast majority of security issues are caused by people within an organization, whether intentionally or unintentionally. This can include employees who mishandle sensitive data, fail to follow security protocols, or fall victim to social engineering attacks. It can also include malicious insiders who intentionally steal or leak data, disrupt systems, or engage in other nefarious activities.

According to various studies, insider threats are responsible for a significant percentage of security incidents, ranging from 60% to 90%. One reason why personnel are a major threat is that it can be difficult to detect and prevent insider attacks. Unlike external threats, insiders already have access to sensitive data and systems, and may be able to bypass security controls more easily. Furthermore, many organizations still rely on traditional perimeter-based security measures, which may not be effective at detecting or preventing insider threats.

To mitigate the risk of insider threats, organizations can take a variety of measures. These include implementing access controls to limit employee access to sensitive data and systems, monitoring user activity and behavior for anything suspicious, conducting background checks and security training for employees, and implementing policies and procedures to prevent data mishandling and other security risks.

While equipment failure and outside espionage can certainly pose a threat to security, organizations should not overlook the significant risk posed by insider threats. By implementing appropriate security measures and taking a proactive approach to security, organizations can help reduce the risk of insider threats and better protect their sensitive data and systems.