👩‍💻 Optus, a huge telcom in Australia, recently had a data breach. Last week, Optus was adamant that “human error” was not a factor in the breach - “Optus has strenuously denied "human error" being a contributing factor in a data breach….”.

Many cybersecurity experts argue that human error is a contributing factor in every data breach. Whether human error is a factor in every data breach or not, human error in cybersecurity has an unhealthy stigma attached to it.

🙀 If you click on a fake link in a phishing email and provide sensitive information to an attacker, that’s a human error. As is installing software from an untrusted site. These are mistakes.

🤔 We all make mistakes. And with attacks becoming more widespread and more targeted, it’s harder to avoid making mistakes. Hiding from those mistakes, or covering them up, only makes matters worse.

🙈 When there’s embarrassment or shame attached to security or privacy mistakes, we are less likely to report them, hoping they’ll just go away and we can avoid the embarrassment and shame.

But, in every security incident, rapid response and containment is a key part in limiting the impact and cost. 📢 Proactively communicating when you make a mistake is as important as making the mistake in the first place.

🙌 We all make mistakes and have breaks in our security mindset. Don’t be embarrassed or afraid to come forward when you think you’ve made one.

‍