New research: Global Cost of Ransomware Study. See what breaches are costing you.
Get the report
Blog
/
Zero Trust Segmentation

People Can’t Be Patched: Why Human Error is a Huge Cloud Security Risk

Christer Swartz
Solutions Marketing Director
March 4, 2025
23 min. read

“Assume breach” is a fundamental principle of Zero Trust. And it applies just as much to people as it does your workloads. Just as we need to assume breach in the IT environment, we also need to assume human error in your workforce.

Research bears out this assumption. According to a recent study, mistakes by people account for close to half of all data breaches in the cloud.

People are always the weakest link

Resources in the cloud are dynamic and ephemeral. Securing a hybrid cloud architecture can be challenging. That’s especially true when the architecture includes multiple cloud vendors, on-premises data centers, and mobile endpoints.

And all cybersecurity architectures contain one weak link in the workflow. (Hint: it’s located between the keyboard and the chair.)

No human can manage security in a complex environment without making an occasional error. Given enough time, everyone makes mistakes.

Policy enforcement is impossible with humans, even in the most robust Zero Trust architectures. Human decisions and mistakes are impossible to reduce to a reliable algorithm. People are unpredictable. And no amount of training will stop someone from clicking on links, accidentally downloading threats, or eventually misconfiguring a security device.

Zero Trust architecture must protect against unpredictable scenarios. Human error should be at the top of that list.

The segment protects you from yourself

Human error allows breaches to enter cloud resources. That’s why enforcing policy between all resources is the only way to restrict movement of the breach, regardless of how complex or mysterious that threat is.  

Once that first cloud resource gets compromised, that threat will try to move to the next resource toward its ultimate goal. And the only way that any threat can move between resources is through a network segment.  

Monitoring and enforcing all segments between resources can reveal undetected threats based on network behavior between application dependencies. The movement of a threat from one resource to another will almost always produce spikes in normal traffic behavior. These spikes can be discovered and enforced.

For example, unusual behavior across segments — such as sudden bursts in lateral network traffic between resources — can be a sign of malicious traffic on the move. This can be the case even if your threat-hunting tools have not yet discovered a threat on that resource.

Monitoring and enforcing the segment will protect your environment from inevitable mistakes, human or otherwise.  

The errors putting your cloud at risk

In cloud security, human error comes in a variety of types:  

  • Weak access passwords
  • Exposed storage instances
  • Failing to rotate SSH keys
  • Leaving ports open laterally between resources
  • Not patching the OS on those resources
  • Assuming security is someone else’s job
  • Trusting cloud vendors to secure resources that you host on their environment

All of these mistakes will open the door to threat actors to gain entry.  

What’s more, humans can be easy to manipulate. For attackers, social engineering is an effective, low-tech solution to compromising corporate credentials.

AI-generated tools are beginning to expand the ways in which threat actors can impersonate someone in authority, requesting passwords from an underling or coworker. Attackers can also use LinkedIn to find and bribe an employee of a targeted company to get credentials. Zero Trust needs to take into account these unfortunate but common scenarios.  

Segmentation applies to humans as much as it does to workloads — perhaps more so. Whether intentional or accidental, human error needs to be assumed. Humans need to be assigned the same level of trust as any workload: zero.  

Vendors make security errors, too

For the sake of argument, let’s pretend your employees are all fully trained, reliable, and practice good Zero Trust hygiene. But what about third-party entities, which also have all kinds of access to your environment?

Do you trust contractors, vendors, auditors, branch offices, agencies, or suppliers to follow security best-practices?

In Zero Trust, the answer is always no. Those external entities may claim to be secure, and they may truly think they are. But without full control of external parties, you must assume that their security is potentially weak.  

The keyword in Zero Trust is zero — whether it’s workloads, people, or third-party entities.  

Contain breaches with Illumio

Enforcing segmentation protects the hybrid multi-cloud from errors committed by even the most well-intentioned employee.

A Zero Trust architecture pushes the trust boundary out to every resource and every human. It then continuously monitors all segments between them.

The segment is the common denominator in how threats spread across workloads, regardless of how they entered the environment. Humans cannot be secured, patched, or quarantined effectively. Eventual failure must be assumed.  

Illumio Zero Trust Segmentation helps you visualize, discover, and stop threats from spreading between resources at any scale, regardless of the source. This builds a consistent cybersecurity architecture that protects resources from any kind of threat — from digital to human.  

Contact us today to learn more about how Illumio ZTS can help secure your hybrid multi-cloud from human errors.

Related topics

Cloud Security

Related articles

7 Practical Tips for CISOs Building Zero Trust from Netskope CISO Neil Thacker
Zero Trust Segmentation

7 Practical Tips for CISOs Building Zero Trust from Netskope CISO Neil Thacker

Get insight from Netskope CISO Neil Thacker on the tips that can help security leaders and CISOs navigate the road to Zero Trust.

Read more
Can You Measure the Efficacy of Microsegmentation?
Zero Trust Segmentation

Can You Measure the Efficacy of Microsegmentation?

Illumio and Bishop Fox conducted and documented an industry-first blueprint on how to measure the efficacy of micro-segmentation.

Read more
The Top 3 Reasons We’re Excited for Money 20/20 USA
Zero Trust Segmentation

The Top 3 Reasons We’re Excited for Money 20/20 USA

Meet Illumio in Las Vegas at this year's Money 20/20 USA October 22-25.

Read more
How to Eliminate Security Silos Across the Hybrid Multi-Cloud With Illumio CloudSecure
Illumio Products

How to Eliminate Security Silos Across the Hybrid Multi-Cloud With Illumio CloudSecure

Learn why breach containment with Illumio CloudSecure adds visibility and segmentation to stop threats before they spread.

Read more
100% Cloud? You Still Need Zero Trust Segmentation
Zero Trust Segmentation

100% Cloud? You Still Need Zero Trust Segmentation

Learn why being 100% cloud does not negate the need for breach containment with Zero Trust Segmentation and how Illumio can help.

Read more
How a Zero Trust Strategy Built on Microsegmentation Solves Cloud Risks
Zero Trust Segmentation

How a Zero Trust Strategy Built on Microsegmentation Solves Cloud Risks

Find out how to gain visibility, control, and protection across dynamic cloud environments to keep your data and applications safe from breaches.

Read more

Assume Breach.
Minimize Impact.
Increase Resilience.

Ready to learn more about Zero Trust Segmentation?

Learn more