Even with cybercriminals using sophisticated attack methods to compromise companies, business leaders must deal with employees recklessly clicking links and installing unknown software, according to the "2015 State of the Endpoint" study.
Seventy-eight percent of surveyed IT professionals believe careless employees are the biggest threat, 68 percent blame personal devices in the workplace, and 66 percent cite commercial cloud apps used at work.
"Respondents in this year's study have shifted their thinking and are now also attributing endpoint risk to human behavior in addition to particular device vulnerabilities," said Chris Merritt, director of solution marketing at Lumension. "This is a significant cultural shift to note because it illustrates how IT is starting to look at cybersecurity holistically. In addition to technology solutions, in 2015 IT must also take into account company policies and control processes, user awareness and overall employee education."
Using social engineering attacks, cybercriminals are able to circumvent security protocols and have employees click on fraudulent links, install malware, and turn over login credentials.