SAFETY & SECURITY | THE WEAKEST LINK
The weakest link in the security chain
Despite major advances in security technology, human error remains the weakest link in any security system. The only way to address this issue is to minimise reliance on human involvement.
By Richard Hilson, Security access management specialist, Parking Facilities
SECURITY TECHNOLOGY HAS SEEN REMARKABLE advancements in recent years, particularly in industries tasked with safeguarding critical assets, such as the civil nuclear sector. Facial and fingerprint recognition, Automatic Number Plate Recognition (ANPR), and even technologies that identify individuals by their MAC addresses or unique gait now play a vital role in security strategy. However, as with any workplace initiative, be it a simple recycling policy or a corporate password protection directive, technology is only as good as those who implement or operate it. Whilst technology can be fallible and gremlins do arise, it’s never as flawed as mere humans. We carry the ability to reason and to override procedures,
or ignore policy, should we wish. Or, as it happens, just make mistakes. In fact, according to a recent Verizon report, two out of three insider attacks happen as a result of negligence, and 74% of organisations are saying that insider threats are becoming more of a concern for them. Security breaches aren’t limited to insider facilitated
external threats though. Whether intentionally or not, they can come from within. Humans can, and do, ‘go rogue’, whether that’s pre-meditated criminal or malicious intent, or just by taking shortcuts. In fact, for the nuclear sector, while threats from
terrorism, military action, sabotage, cyberspace, and unauthorised exposure pose the biggest security headaches, as with any industry, human error or human malpractice is always present.
Nuclear security is defined by the International Atomic
Energy Agency (IAEA) as the prevention and detection of, and response to, theft, sabotage, unauthorised access, illegal transfer or other malicious acts involving nuclear material, other radioactive substances or their associated facilities.
Employee negligence and insider threats Insider negligence remains one of the leading causes of security breaches. Employees who share passwords or access cards may do so out of convenience, ignorance, or a misplaced sense of trust. Unfortunately, this creates vulnerabilities that are left open to exploitation. When multiple employees share credentials, it becomes difficult to trace actions to a single individual. This lack of accountability can complicate incident investigations and allows malicious activities to go undetected. The sharing of passwords or access cards also means
inaccurate accounting of personnel, and in the event of an evacuation or major incident, central IT systems will hold misleading information on employee locations which could have a huge impact upon safety and potentially emergency services resources. Employees with malicious intent can exploit shared
credentials to carry out unauthorised activities while shifting blame to others, increasing the risk of deliberate sabotage or theft of sensitive data. Even when there is no malicious intent, employees who share access credentials
Above: Human error allowed unauthorised access to a nuclear fuel fabrication facility Source: Andrew Engineers 26 | February 2025 |
www.neimagazine.com
Page 1 |
Page 2 |
Page 3 |
Page 4 |
Page 5 |
Page 6 |
Page 7 |
Page 8 |
Page 9 |
Page 10 |
Page 11 |
Page 12 |
Page 13 |
Page 14 |
Page 15 |
Page 16 |
Page 17 |
Page 18 |
Page 19 |
Page 20 |
Page 21 |
Page 22 |
Page 23 |
Page 24 |
Page 25 |
Page 26 |
Page 27 |
Page 28 |
Page 29 |
Page 30 |
Page 31 |
Page 32 |
Page 33 |
Page 34 |
Page 35 |
Page 36 |
Page 37 |
Page 38 |
Page 39 |
Page 40 |
Page 41 |
Page 42 |
Page 43 |
Page 44 |
Page 45 |
Page 46 |
Page 47 |
Page 48 |
Page 49 |
Page 50 |
Page 51 |
Page 52 |
Page 53 |
Page 54 |
Page 55 |
Page 56 |
Page 57 |
Page 58 |
Page 59 |
Page 60 |
Page 61
