Human Error: A Major Cause of IT Security Incidents and How to Address It
— by Lofty Green
A recent Microsoft Windows outage, triggered by an update error at CrowdStrike, underscores how human error often fuels IT incidents. According to a report by CIO&Leader in collaboration with research firm BM Nxt, human mistakes are a significant factor in IT security breaches, with 15% of respondents reporting frequent occurrences and 35% noting occasional lapses.
The report highlights that the share of respondents reporting frequent human errors has decreased from 22% in 2023 to 15% in 2024. However, the proportion reporting rare incidents has risen from 24% to 41%, indicating that human error remains a persistent issue. High-impact ratings for business disruptions increased from 20% to 24%, and data loss concerns also surged, with high-impact ratings rising from 19% to 23%.
R Giridhar, Research Head at CIO&Leader, emphasized the need for ongoing training and awareness programs to mitigate human error.
While strong technological defenses are crucial, educating employees to reduce risks is equally essential. Malware incidents remain steady, with 11% of respondents experiencing them frequently and 37% occasionally. Social engineering attacks are also a significant concern, with 11% reporting frequent occurrences and 27% occasional.
Phishing attacks are identified as the most severe threat, with 50% of respondents rating them as highly severe. In response, many organizations are focusing on employee training, with 69% currently providing it, 20% planning to do so within six months, and 7% within a year.
The report also notes challenges related to the increasing reliance on platform vendors, with 26% of respondents rating it as a high concern and 35% as a medium concern.