Abstract

Human error continues to be a major computer security issue, although many contemporary information security practitioners appear to have forgotten about it. This paper discusses why the practitioner should reestablish human error as a high priority issue worthy of significant and continuous attention. Statistics reflecting loss experience are presented to recontextualize human error as a serious threat. The authors present cases of human error to underscore its importance. These cases are also used to draw attention to several distinctions about human error which can be used to initiate analytic work so that human error can be mitigated and prevented. The authors suggest that standard techniques for dealing with errors be brought into the normal practice of information security. These techniques include probabilistic risk assessment, human reliability assessment, and task profile analyses. Human errors, whether they are found in systems design, programming, operation, or other computer-related activities, are a serious threat to the viability of computer-based systems, and thereby to the industrialized world at large.
