Page 1

Memo Network Security

To: Dr. Alan Carswell (IS-365)

From: xxxxx

Date: 3/18/2017

Network Security is extremely important within a company its what keeps their data safe and

locked away in the right place, and accessible to only those who are authorized to handle it.

Additionally, it keeps the companys technological services and functions safe within their own

hands, not manipulated my malicious outsiders attempting to wreak havoc on an organization.

This memo will outline several important statistics on Network Security (specifically the causes

and damage that network breaches can create) and stress the importance of training and

diligence from any companys employees.

Network Breaches Statistics

There are a great number of manners in which companies can find their network breached,

ranging from elaborate Phishing scams designed to gain passwords and access to core functions

and data servers of companies, to hackers will ill-intent out to leak company information, or

simply partake in mischievous behavior. While many employees may believe hackers to be the

largest threat to companies – as they are mysterious and are perceived to have the power to

break into any system statistics from several sources show an alarming truth: employee error

Page 2

accounts for a massive percentage of data breach causes. Will Daugherty, a writer for Cyber

Security Trend, writes that his

study found Human error

accounted for 37% of network

breach incidents in 2015.

(Daugherty, 2016) However, it is

worth noting that while he lists

these four as separate entities,

Phishing and Malware also is

traced back to employee

negligence. Phishing scams

require employees to give out information they are not meant to, and Malware is commonly

though not always downloaded by employees who are ignorant to proper protocols or scams.

As such, simple Employee errors should instead account for a massive 62% of all breaches,

using Mr. Daughertys statistics.

Company Response

With employees making simple mistakes from ignorant downloading behaviors to other very

minor errors, it seems appropriate that a company should respond to this information by

2015 Breach Statistics

Human Error Phishing/Malware External Device Employee Theft

Page 3

proposing an employee training program to familiarize employees with the risks of Phishing

Scams and deceiving

links. Rutrell Yasin, a

writer for

DarkReading.com,

shows that only a

surprisingly low

percentage of

Executives believe that Employee knowledge is a priority and that 60% of executives

interviewed would say their employees have little to no knowledge of security risks. (Yasin,

2016) Negligence to implement Employee Training programs from both Executives and

Employees themselves cost businesses greatly, especially considering the earlier statistics of

employee error being the top cause of security breaches. Rutrell Yasin continues in his article to

state that only 45% of organizations have mandatory training, but 29% of those courses from

organizations are not mandatory. (Yasin, 2016) Additionally, many of these courses are not

comprehensive, neglecting concepts such as cloud services, mobile device security, and even

phishing attacks. (Yasin, 2016)

Conclusion

With Network Security being core to companies infrastructure and operations in the modern

age, it should be alarming that employees are often the cause of breaches, and more

importantly, that companies often fail to respond to these statistics. To maintain security,

0%

20%

40%

60%

80%

100%

Executives in Favor of Priority Other Executives

Executives Who Believe Employee Knowledge is a Priority vs Those Who Do

Not

Page 4

Executives must not rely solely on the software and policies of the IT department, but ensure

that all employees, regardless of department, be trained in good practices and how to avoid

breaches. The information presented in this memo is only a small portion of the available

statistics regarding network breaches, but it should serve its purpose in presenting the core

dangers of employee ignorance in regards to network security. Executives must be diligent in

training their employees, for the benefit of the entire company.

Page 5

Bibliography Daugherty, W. (2016, Jan 6). Human Error Is to Blame for Most Breaches. Retrieved from Cyber Security

Trend: http://www.cybersecuritytrend.com/topics/cyber-security/articles/421821-human-error-to-blame-most-breaches.htm

Yasin, R. (2016, May 24). Employee Negligence The Cause Of Many Data Breaches. Retrieved from DarkReading: http://www.darkreading.com/vulnerabilities—threats/employee-negligence-the-cause-of-many-data-breaches-/d/d-id/1325656