Published incidents and their proportions of human error
Information and Computer Security
ISSN: 2056-4961
Article publication date: 3 June 2019
Issue publication date: 19 June 2019
Abstract
Purpose
This paper aims to provide an understanding of the proportions of incidents that relate to human error. The information security field experiences a continuous stream of information security incidents and breaches, which are publicised by the media, public bodies and regulators. Despite the need for information security practices being recognised and in existence for some time, the underlying general information security affecting tasks and causes of these incidents and breaches are not consistently understood, particularly with regard to human error.
Design/methodology/approach
This paper analyses recent published incidents and breaches to establish the proportions of human error and where possible subsequently uses the HEART (human error assessment and reduction technique) human reliability analysis technique, which is established within the safety field.
Findings
This analysis provides an understanding of the proportions of incidents and breaches that relate to human error, as well as the common types of tasks that result in these incidents and breaches through adoption of methods applied within the safety field.
Originality/value
This research provides original contribution to knowledge through the analysis of recent public sector information security incidents and breaches to understand the proportions that relate to human error.
Keywords
Citation
Evans, M.G., He, Y., Yevseyeva, I. and Janicke, H. (2019), "Published incidents and their proportions of human error", Information and Computer Security, Vol. 27 No. 3, pp. 343-357. https://doi.org/10.1108/ICS-12-2018-0147
Publisher
:Emerald Publishing Limited
Copyright © 2019, Emerald Publishing Limited