The ‘H Factor’

08 September 2016

Why the ‘human element’ is often the weakest link in cyber security


The ‘H Factor' – the human element – is often the weakest link, making cyber-attacks and data breaches possible, sometimes even more so than hackers exploiting system vulnerabilities or employing new malware. 

In a report by, human errors are cited as a major factor in most data breaches, exposing organisations to cyber threats through three main types of risks: human error, ignorance and intentional harm.  

Human Error: Accidents such as inadvertently sending sensitive information to the wrong email recipient, deleting a file by mistake, clicking on a malicious link or advertisement or unintentionally downloading malware into the organisation.

Ignorance: Without the proper training, employees can remain unaware of the risks. Most employees who fall prey to social engineering and click on a malicious link do so out of ignorance or because they were victims of phishing (the fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers, online).

Intentional harm: Malicious activity by company insiders.

Employees remain the first line of defence and educating them regularly about potential cyberattacks is vital. A culture that encourages and supports employees in being open (and fast to act) when they have made a mistake is essential.

Training is an important part of educating your employees. Amethyst is an established cyber security training provider offering specialist courses on technical risk assessment as well as more basic introductory level courses for non-specialists - no previous knowledge or experience of the subject is assumed.

Our one-day course, Cyber Security Awareness for HMG, provides an overview of cyber security and Information Assurance principles, including information risk management (impact, threat and vulnerability); sources of cyber security advice and the 10 steps to cyber security.



Contact us for more information

<< Back to Latest News items