
NAME: JAMES MWANGI MACHARIA

REG NO:20/04225

UNIT: HUMAN ASPECTS TO IS SECURITY AND FORENSICS

CAT ONE

Question: Examine a situation where human error resulted in a security breach in the context of
information security. Examine how human factors, such as user behavior, insider threats, and
social engineering, played a part in the incident. Examine how these human variables affect the
organization's security posture and suggest ways to reduce such risks in the future. In your
suggestions, take behavioral as well as technological solutions into account.

Situation: An employee unintentionally clicked on a phishing email, leading to the compromise of
sensitive customer data.

Human Factors:

• User Behavior: The employee's lack of awareness and failure to recognize the phishing email
contributed to the breach. Insufficient training and awareness programs may have played a
role in this lapse.
• Social Engineering: The phishing email used social engineering tactics, manipulating the
employee into clicking on a malicious link or providing sensitive information. This highlights
the effectiveness of social engineering in exploiting human vulnerabilities.
• Insider Threats: While the employee's actions were unintentional, the incident highlights the
potential for insider threats. Malicious insiders could intentionally compromise security, but in
this case the breach was the result of unintentional actions.

Impact on Security Posture:

• Trust Issues: Customer trust is eroded when sensitive data is compromised, impacting the
organization's credibility. This can result in a loss of business and customer confidence.
• Weakened Defenses: Human errors increase the attack surface, weakening the organization's
overall security posture. The breach may lead to financial losses, reputational damage, and
regulatory consequences.

Mitigation Strategies:

1. Behavioral Solutions:

a. Security Awareness Training: Regular and comprehensive training programs should educate
employees about phishing threats, social engineering tactics, and the importance of verifying
suspicious emails.

b. Establish a Security Culture: Foster a culture of security within the organization, emphasizing the
shared responsibility of all employees in maintaining a secure environment.

c. Incident Response Training: Train employees on how to recognize and report security incidents
promptly to enable a swift response.

2. Technological Solutions:

a. Advanced Threat Protection: Implement advanced email security solutions that can identify and
filter out phishing emails before they reach employee inboxes.

b. Multi-Factor Authentication (MFA): Enforce MFA for accessing sensitive systems and data to add
an extra layer of security, even if credentials are compromised.

c. Regular Security Audits: Conduct regular security audits to identify vulnerabilities in both technical
systems and human processes.
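As an added illustration of the email-filtering control in 2(a), not part of the original answer, the following Python checks one message for the indicators an inbound filter would look for in the phishing scenario above: a lookalike sender domain, failed SPF/DKIM results, a Reply-To that diverts replies elsewhere, and link text that hides a different destination. The sample message, the organisation's domain list and the homoglyph table are constructed for the example.

```python
import email
import re
from email import policy
from email.utils import parseaddr
from urllib.parse import urlparse

# Constructed sample message (not a real capture): lookalike sender domain, failed
# SPF/DKIM, a Reply-To elsewhere, and link text that hides a different destination.
SAMPLE_PHISH = """\
From: "Payroll Team" <hr@examp1e-corp.com>
Reply-To: collect@free-mail.example
To: staff@example-corp.com
Subject: Action required: confirm your payslip details
Authentication-Results: mx.example-corp.com; spf=fail smtp.mailfrom=examp1e-corp.com; dkim=fail
Content-Type: text/html

<p>Please <a href="http://login.evil.example/p">https://portal.example-corp.com</a> today.</p>
"""

TRUSTED_DOMAINS = {"example-corp.com"}  # assumed: the organisation's own mail domains
HOMOGLYPHS = str.maketrans("10", "lo")  # digit-for-letter swaps common in lookalikes

def _domain(addr: str) -> str:
    return parseaddr(addr)[1].rpartition("@")[2].lower()

def phishing_indicators(raw: str, trusted=TRUSTED_DOMAINS) -> list[str]:
    """Return the indicators found in one RFC 5322 message (empty list = none seen)."""
    msg = email.message_from_string(raw, policy=policy.default)
    findings = []
    from_dom = _domain(msg.get("From", ""))
    # 1. Lookalike of a trusted domain: matches only after normalising homoglyphs.
    if from_dom not in trusted and from_dom.translate(HOMOGLYPHS) in trusted:
        findings.append(f"lookalike sender domain {from_dom}")
    # 2. Sender authentication failures recorded by the receiving mail server.
    auth = msg.get("Authentication-Results", "")
    for mech in ("spf", "dkim"):
        m = re.search(rf"\b{mech}=(\w+)", auth)
        if m and m.group(1) != "pass":
            findings.append(f"{mech}={m.group(1)}")
    # 3. Replies silently routed to a different domain than the visible sender.
    reply_dom = _domain(msg.get("Reply-To", ""))
    if reply_dom and reply_dom != from_dom:
        findings.append(f"reply-to domain {reply_dom} differs from sender")
    # 4. Anchor text that looks like a URL but points at another host.
    body = msg.get_body(preferencelist=("html",))
    html = body.get_content() if body else ""
    for href, text in re.findall(r'<a\s+href="([^"]+)"[^>]*>([^<]+)</a>', html):
        shown, real = urlparse(text.strip()).hostname, urlparse(href).hostname
        if shown and real and shown != real:
            findings.append(f"link text shows {shown} but goes to {real}")
    return findings
```

A message with no findings would pass through; one with any finding would be quarantined or tagged for the user before it reaches the inbox.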
