Latest news with #humanerror
Forbes
8 hours ago
- Business
- Forbes
Your Biggest Cybersecurity Risk Isn't Technology—It's People
Rick Hutchinson is the CTO at VikingCloud. He has 17-plus years of experience as an accomplished executive and visionary leader. The more you spend, the more secure you feel. That's the trap. Chief information security officers (CISOs) spend most of their time in meetings discussing what cyber tools will ensure security, from endpoint detection and AI monitoring to advanced threat intel and more. But here's the uncomfortable truth: CISOs believe their cyber perimeter is secure with technology, yet the real threat is walking through the front door. That's because the weakest link isn't in your tech stack; it's your people. Human error causes 95% of breaches. What's worse? Most cyber incidents result from preventable employee mistakes, like clicking malicious links, reusing credentials, selecting weak passwords and mishandling sensitive data. Despite all the tech, people remain your most common (and most costly) security gap. As cyberattacks grow in frequency and intensity, that gap only gets riskier. Your organization needs a culture reset. Here's how to get started. Not All Human Risk Is Accidental Yes, human error is the leading cause of breaches. But there's a quieter, more concerning risk to your organization's security posture: intentional silence. 40% of cybersecurity professionals admit they've underreported incidents to avoid job-related fallout. That silence isn't carelessness—it's culture. When teams are stretched thin, reporting lines blur. When the same people setting the security protocols are also responsible for reporting incidents, objectivity breaks down. Add alert fatigue and organizations are left with blind spots hidden behind dashboards. Sixty-three of security teams spend over 208 hours a year chasing false positives, and one in three professionals say real threats get missed because of it. These visibility challenges create an inaccurate picture of cyber risk, and awareness of vulnerabilities grows dimmer the closer you get to the corner office. According to research from my company, VikingCloud, while 74% of C-suite cyber leaders rate their security posture as strong, only 29% of frontline managers agree. Worse, just 13% of C-level executives believe underreporting happens compared to 58% of managers who know it does. And here's the kicker: The next time you ask for additional budget to invest in the latest cyber tech for your fortress, you may get denied, all because the C-suite shares this false sense of security. Culture: Your First Line Of Defense If people don't feel safe reporting issues—or don't see themselves as part of the defense—your risk surface stays wide open. Cybersecurity strategy needs a culture shift alongside tech advancements. Here are the top five requirements for a culture reset action plan. Cybersecurity training isn't a one-time event or a box to check. Employees need regular, engaging education to stay sharp against evolving threats. Teach them to spot phishing attempts, protect credentials and understand how their actions impact the organization's overall risk profile. Gamified training, real-world simulations and tabletop exercises don't just engage teams—they expose weak links before the attacker does, helping identify employees who may need extra support. Think of it as stress-testing the human firewall before the inevitable occurs. Fear creates silence, and silence breeds risk. If employees worry about punishment, they won't report quickly—or at all. Build reporting channels that are confidential, clear and supportive. Be sure to reward transparency and respond constructively as well. A non-punitive environment where quick reporting is encouraged and supported is key. When people feel safe to speak up, small issues stay small. Cybersecurity doesn't belong solely to IT. It belongs to the entire organization, from interns to the CEO. Executives must lead by example, modeling secure behavior and keeping security a visible, ongoing priority. Closing the communication gap between the front lines and the C-suite is also critical. When leaders get real-time, unfiltered feedback from the front lines, they make better decisions and deploy smarter resources. For example, Microsoft's Secure Future Initiative (SFI) underscores the impact of leadership in transforming security culture. By integrating security objectives into employee performance reviews and dedicating substantial resources to cybersecurity, Microsoft set a precedent for leadership-driven security enhancement. Even your best-trained employees will miss something. That's where your tech fortress comes into play. By developing a strategy for implementing AI-powered tools, you can better detect anomalies, block phishing attempts and flag risky behavior in real time. When people and technology work together, security outcomes improve dramatically. Threats evolve, which means defenses should too. Revisit policies often, stress-test response plans and keep people informed about new risks and best practices. Cybersecurity isn't static—it's a muscle built over time. When Culture Clicks, Security Works Security-first cultures respond faster, report earlier, fall for fewer phishing attempts and earn more trust from stakeholders. But this isn't a culture that can be bought; you have to build it. This starts by recognizing that cybersecurity isn't just a tech issue—it's a people issue. So stop relying on tech tools alone. Empower your people, normalize reporting and make security a shared responsibility. Because the next breach likely won't come from a sophisticated hack. It'll come from silence. Change the culture before it costs you. Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?
Telegraph
10 hours ago
- Telegraph
How long until computers replace pilots?
Flying remains one of the safest forms of transport. A study by the Massachusetts Institute of Technology (MIT) found that the chances of dying in a plane accident were around one in 13.7 million passenger boardings in the period between 2018 and 2022. But a recent raft of incidents has given people pause for thought. Among the questions asked is, what is the potential for human error? It's a difficult conversation to have. After the recent devastating Air India incident, Reuters reported that India's aviation safety watchdog had requested records for the pilots onboard as part of a regulatory review of the accident (though there is currently no suggestion that they held any blame). Meanwhile, a probe by the UK's Air Accident Investigation Branch showed that an aborted take-off on a British Airways plane at Gatwick in 2024 was caused by the co-pilot mixing up left and right and using the wrong control, forcing the pilot to make an emergency stop. Some argue that fatigue, arguments in the cockpit and split-second errors of judgment can all have devastating effects, and aircraft developers say that automated systems could make planes safer, pointing out that computers already do a good share of the heavy lifting on commercial flights. On recent test flights, Airbus's A350-1000 even completed autonomous taxis, take-offs and landings, according to 'You cannot replace human senses' Captain Emma Henderson MBE, who has piloted flights for one of Europe's largest airlines, believes that autonomous aircraft do have a place – in war zones which present dangers to pilots, for example. 'If you lose a drone, there's no loss of human life in the air,' she says. 'It makes sense in certain situations that are very dangerous.' This kind of autonomous flight is also a key consideration for engineers at Honeywell Aerospace, which works to find autonomous aviation solutions. 'In commercial and humanitarian sectors, uncrewed and highly automated aircraft can deliver cargo, medical supplies or emergency aid to hard-to-reach or hazardous environments, especially when human access is limited or unsafe,' says David Shilliday, the company's vice-president and general manager of advanced air mobility. But outside of these parameters, Henderson believes pilotless planes could bring their own safety issues. She's even wary of Amazon trialling autonomous drone deliveries in Darlington. 'I can't think how it's a good idea to allow something like a drone to fly that close to people. It's dangerous,' she says. 'There's also the security side of it, because there's no guarantee that that system, as an example, can't be hacked.' On a larger scale, she adds: 'They're never going to be able to respond to the 'black swan' events [high-impact events that are difficult to predict but that in retrospect appear to have been inevitable]. Even in the tragic Air India crash, a computer couldn't have changed what happened. 'It doesn't matter how well you think you can programme a machine, you cannot replace human senses. I had a fume event on the way to Belfast. It was an almost imperceptible spell. The aircraft itself didn't throw out any faults so my question would be, 'how is an unmanned vehicle going to respond in that situation?'. 'We landed the plane within about 20 minutes. Passengers were unaffected. Some of them said they felt a bit odd, but they were largely unaffected. The crew were all put in an ambulance and we had our blood stats taken and we had depleted O2 levels and elevated CO2 levels in our blood. But there was no indication on that aircraft: an unmanned vehicle would have no way of knowing that.' Psychological hurdles At Honeywell Aerospace, Shilliday also believes there are significant hurdles to pass before autonomous commercial passenger flights become a reality – significantly, psychological ones. Whether the public will be prepared to board pilotless aircraft is doubtful. A 2017 survey by investment banking group UBS found that only 17 per cent of people asked would be willing to fly on a plane without a pilot in situ. 'While society is becoming more comfortable with autonomy through exposure to autonomous cars and commercial drones, there is still significant work required to build public trust and ensure safety and certification pathways for uncrewed passenger flight,' he says. 'We believe the best path forward is to build trust through transparency and gradual exposure, starting with proven autonomy in cargo, defence and humanitarian missions. Over time, successful real-world operations and visible safety records will lay the foundation for acceptance in passenger aviation.' In the meantime, Shilliday believes that, rather than making airline pilots redundant, the technology could improve their experience in the skies. 'It's a continuum, not a binary switch, and safety gains can happen across many levels of autonomy, long before a cockpit is empty,' he says. 'Greater autonomy enhances safety by reducing pilot workload, especially for repetitive or time-sensitive tasks. This frees the pilot to focus on higher-level decision-making and situational awareness. These systems are not designed to replace human pilots overnight, but to assist them, just as autopilot systems and fly-by-wire technologies have done for decades.' It takes two Despite this, commercial pilots do worry that computers may be coming for their jobs. It's a situation that's been bubbling under for a while. In 2023, pilots associations from across the world came together to launch a 'Safety Starts With Two Campaign' in response to suggestions that European operators were keen to switch to single-pilot operations (current regulations require two pilots). Those pitching pilotless commercial passenger flights have suggested that routes with one pilot onboard might work as an intermediary phase. But many pilots believe this would be unsafe. 'The safest thing to do is to have two pilots in the flight deck so, if something happens to one, you have another,' says Henderson. 'It's also about cross-checking: who's going to put that information into the aircraft? If you need to divert somewhere, who's going to suddenly work out all that performance into the aircraft to make sure it does land in a safe place and that it's not breaching any regulations. I think that there is a lack of understanding among people who think that pilots just sit reading the paper.' The move has led some insiders to argue those pushing for more autonomous flying aren't driven by safety concerns at all, but rather cost-cutting. The UBS study suggested that airlines could save as much as $35 billion (£26 billion) per year by switching to autonomous planes. Pilot salaries can account for up to 25 per cent of the operating costs for each flight and, in the past year, they have risen rapidly as airlines struggle with another pressing issue – a lack of qualified staff. But Henderson points out that pilotless flights would require different staff, as well as more training programmes. To satisfy regulatory bodies in the future, questions will also need to be asked about what happens in the event of computer failure or software faults. Cyberattacks are another consideration. Last, but by no means least, is putting moral and ethical decisions in the hands of computers – for example, should a patient become ill or should the worst happen and an incident become inevitable. 'It is not about computers making open-ended ethical decisions,' says Shilliday. 'Instead, these systems operate within defined parameters, protocols and mission objectives. If a passenger becomes ill or in a contingency situation, the system can assist by triggering predefined emergency procedures – like recommending the nearest diversion airport – but final judgment typically remains with a human operator or pilot.'
Free Malaysia Today
14-06-2025
- Automotive
- Free Malaysia Today
No mechanical fault in Gerik bus crash, says early report
It is highly likely that the accident was caused by other factors such as human error, road conditions, or similar external factors, the early technical report said. (Bernama pic) PETALING JAYA : The bus involved in the crash near Tasik Banding, Gerik, that killed 15 university students was in sound mechanical condition before the accident, according to an early technical report released by Puspakom. A post-crash inspection found that the vehicle's brakes, tyres, steering, and suspension were all in good condition and met safety standards. 'Based on observations and the technical investigation, there was no evidence of mechanical system failure that could have caused the accident. 'Therefore, it is highly likely that the accident was caused by other factors such as human error, road conditions, or similar external factors,' the investigators said in the report. The report said the air brakes of the bus were in satisfactory physical condition, without any sign of excessive wear. The air compressor tank was also intact without any leaks identified. It said two sets of leaf springs and shock absorbers were found to be faulty but it might be a result of the crash. The bus sustained major structural damage in the crash, including a crushed front end, shattered windows, broken support pillars, and severe body panel deformation. The report also said the bus underwent its last inspection before the accident on April 13 at Puspakom's Kota Bharu centre, where it was given a 'pass'. Transport minister Loke Siew Fook said appropriate measures will be implemented by the ministry based on the final findings to ensure road safety. 'Meanwhile, enforcement of compliance with safety standards set by the ministry, driver's qualifications, and the monitoring of the transport company's operations will continue to be tightened. 'The ministry expresses its deepest condolences to the victims' families, and it is committed to ensure that such tragedies do not recur,' he said in a statement.
RNZ News
06-06-2025
- Business
- RNZ News
'Human error' behind massive internet outage across lower North Island
Human error during planned works resulted in internet outages. Photo: 123RF Ultrafast broadband provider Chorus says Friday morning's massive internet outage across the lower North Island was caused by human error. Connections went down before 11am, affecting connections from Wellington, Kapiti, Hutt Valley, Palmerston North and through to Napier. One internet service provider estimated 90 percent of customers in the regions were affected. The outage lasted more than an hour, and was fixed by about 12.30pm. Chorus on Friday afternoon said it was "the result of human error during planned works, which resulted in one of our core ethernet routers for the Wellington region being isolated from our network". "The error was identified and corrected, and all services restored within a 1.5-hour period," the infrastructure provider said. "At its peak, approximately 118,000 services were affected by the outage." Chorus said a "full investigation" had been launched, "which will include a review of our planned works processes, and any changes needed to prevent a similar situation in future". "Chorus sincerely apologises for any inconvenience caused and thanks those impacted for their patience and understanding." Gorilla Technology chief executive Paul Spain told RNZ that he understood the equipment that failed was based in a Chorus site on Wellington's Courtenay Place. Spain said it appeared to have had some sort of technical fault. "We usually don't have these things having such a widespread impact because there tends to be redundancy built into the system, because if one component fails another part of the network takes up the slack and keeps operating." He said it was likely Chorus would provide more details in due course. "We usually see the Chorus network being really resilient and serving New Zealand well, so you know this is a reasonably uncommon occurrence." Spain told RNZ these types of issues could have a widespread impact. "I think Chorus will be working hard after this to understand what happened [and] how do they make sure it never happens again." Earlier, Voyager said it had identified an issue affecting "Chorus Wellington UFB (ultrafast broadband) handover". "This handover services Wellington, Kapiti, Hutt Valley, Palmerston North and through to Napier." Just after 12.30pm, Voyager said connections were starting to come back online, but users might need to restart their routers. "My office is being kept updated on the situation," Media and Communications Minister Paul Goldsmith said earlier, when connections were still offline. Sign up for Ngā Pitopito Kōrero, a daily newsletter curated by our editors and delivered straight to your inbox every weekday.
The Independent
21-05-2025
- Business
- The Independent
Marks & Spencer blames ‘human error' as cyber attack set to cost £300m
Marks & Spencer has said a damaging cyber attack caused by 'human error' will cost the company around £300 million. The high street retail giant said disruption to online shopping could continue into July but it hopes to have this partly restored 'within weeks'. M&S halted orders on its website and saw empty shelves after being targeted by hackers around the Easter weekend. Customer personal data, which could have included names, email addresses, postal addresses and dates of birth, was also taken by hackers in the attack. Chief executive Stuart Machin told reporters that hackers gained access to the company's IT systems through a third party after 'human error'. The boss said he has been in touch with other industry bosses to discuss hacks, with rivals the Co-op and Harrods also targeted with cyber attacks in recent weeks. He added: 'We didn't leave the door open, this wasn't anything to do with under-investment. 'Everyone is vulnerable. For us, we were unlucky on this particular day through some human error.' The retailer revealed on Wednesday morning that online sales and profits in its fashion, home and beauty business have been 'heavily impacted'. Disruption to online operations is set 'to continue throughout June and into July as we restart, then ramp up operations', it said. However, it indicated that shoppers will see improvements over the coming weeks. Mr Machin suggested around 85% of its online operations are likely to be restored soon, as the company focuses on certain parts of its operations first. He added that clothing and home sales have been 'resilient' in stores in recent weeks. Meanwhile, food sales were affected by reduced availability but the business stressed this is 'already improving'. The group has also reported 'additional waste and logistics costs' after switching to manual processes following the attack. M&S said the incident is likely to drag its group operating profits down by around £300 million this year, but it expects this to be reduced through cost management, insurance and other reactions. The company suggested it could reduce the impact of the attack by as much as 'half'. Mr Machin said: 'It has been challenging, but it is a moment in time, and we are now focused on recovery, with the aim of exiting this period a much stronger business. 'There is no change to our strategy and our longer-term plans to reshape M&S for growth and, if anything, the incident allows us to accelerate the pace of change as we draw a line and move on. 'This incident is a bump in the road, and we will come out of this in better shape, and continue our plan to reshape M&S for customers, colleagues and shareholders.' It came as the company reported a higher-than-expected adjusted pre-tax profit of £875.5 million for the year to March, up 22.2% on the previous year. The group was buoyed stronger profits in its food arm, which saw sales increase by 8.7% to £9 billion over the year. M&S revenues grew by 6% to £13.8 billion as a whole for the year, as fashion, home and beauty sales grew by 3.5%. The company is currently undergoing a major transformation programme, which is including changes to its shop estate. The retailer, which currently has 565 stores, said it plans to have 600 stores by 2028, comprising 420 bigger food stores and 180 full clothing, home and food stores. It added that the plan is still on track despite the recent disruption. M&S also said it has accelerated plans to invest in improvements to its technology to now take place over the next six months, after previously indicating it would take two years.
