Cyber security compromises and cyber incidents are as often the result of human error as malicious attack. An innocent lack of understanding of an organisation’s culture, policies and procedures, can be riskier to a business’ security than a technical vulnerability. Securing a cyber-physical system that users interact with, requires not just a good technical understanding but also expert knowledge of ‘human factors’.
Cyber-Human Error Assessment Tool
A key part of Thales’s human factors capability is the Cyber-Human Error Assessment Tool (CHEAT), which comprises a methodology of expertly developed interviews and questionnaires within an easy to use software tool.
CHEAT supports Thales’s engagement with specific parts of a client’s business and helps develop an understanding of the human influence on cyber security. It covers simple but crucial elements such as individuals’ awareness of how to spot phishing attacks, how to share and store sensitive information, and the day-to-day processes necessary to keep data and systems protected.
Based on this, we can identify key behaviours that need to change to improve security, and help focus training and workshops towards achieving that change whilst maintaining a client’s unique corporate culture.
9 Factors: reducing insider threat and enhancing cyber security