Introducing Illumio Insights — breakthrough AI-powered observability, detection, and containment.
Read more

Experienced a Breach?

|
Contact Us
|
+1 855 426 3983
Blog
/
Zero Trust Segmentation

People Can’t Be Patched: Why Human Error is a Huge Cloud Security Risk

Christer Swartz
Solutions Marketing Director
March 4, 2025
23 min. read

“Assume breach” is a fundamental principle of Zero Trust. And it applies just as much to people as it does your workloads. Just as we need to assume breach in the IT environment, we also need to assume human error in your workforce.

Research bears out this assumption. According to a recent study, mistakes by people account for close to half of all data breaches in the cloud.

People are always the weakest link

Resources in the cloud are dynamic and ephemeral. Securing a hybrid cloud architecture can be challenging. That’s especially true when the architecture includes multiple cloud vendors, on-premises data centers, and mobile endpoints.

And all cybersecurity architectures contain one weak link in the workflow. (Hint: it’s located between the keyboard and the chair.)

No human can manage security in a complex environment without making an occasional error. Given enough time, everyone makes mistakes.

Policy enforcement is impossible with humans, even in the most robust Zero Trust architectures. Human decisions and mistakes are impossible to reduce to a reliable algorithm. People are unpredictable. And no amount of training will stop someone from clicking on links, accidentally downloading threats, or eventually misconfiguring a security device.

Zero Trust architecture must protect against unpredictable scenarios. Human error should be at the top of that list.

The segment protects you from yourself

Human error allows breaches to enter cloud resources. That’s why enforcing policy between all resources is the only way to restrict movement of the breach, regardless of how complex or mysterious that threat is.  

Once that first cloud resource gets compromised, that threat will try to move to the next resource toward its ultimate goal. And the only way that any threat can move between resources is through a network segment.  

Monitoring and enforcing all segments between resources can reveal undetected threats based on network behavior between application dependencies. The movement of a threat from one resource to another will almost always produce spikes in normal traffic behavior. These spikes can be discovered and enforced.

For example, unusual behavior across segments — such as sudden bursts in lateral network traffic between resources — can be a sign of malicious traffic on the move. This can be the case even if your threat-hunting tools have not yet discovered a threat on that resource.

Monitoring and enforcing the segment will protect your environment from inevitable mistakes, human or otherwise.  

The errors putting your cloud at risk

In cloud security, human error comes in a variety of types:  

  • Weak access passwords
  • Exposed storage instances
  • Failing to rotate SSH keys
  • Leaving ports open laterally between resources
  • Not patching the OS on those resources
  • Assuming security is someone else’s job
  • Trusting cloud vendors to secure resources that you host on their environment

All of these mistakes will open the door to threat actors to gain entry.  

What’s more, humans can be easy to manipulate. For attackers, social engineering is an effective, low-tech solution to compromising corporate credentials.

AI-generated tools are beginning to expand the ways in which threat actors can impersonate someone in authority, requesting passwords from an underling or coworker. Attackers can also use LinkedIn to find and bribe an employee of a targeted company to get credentials. Zero Trust needs to take into account these unfortunate but common scenarios.  

Segmentation applies to humans as much as it does to workloads — perhaps more so. Whether intentional or accidental, human error needs to be assumed. Humans need to be assigned the same level of trust as any workload: zero.  

Vendors make security errors, too

For the sake of argument, let’s pretend your employees are all fully trained, reliable, and practice good Zero Trust hygiene. But what about third-party entities, which also have all kinds of access to your environment?

Do you trust contractors, vendors, auditors, branch offices, agencies, or suppliers to follow security best-practices?

In Zero Trust, the answer is always no. Those external entities may claim to be secure, and they may truly think they are. But without full control of external parties, you must assume that their security is potentially weak.  

The keyword in Zero Trust is zero — whether it’s workloads, people, or third-party entities.  

Contain breaches with Illumio

Enforcing segmentation protects the hybrid multi-cloud from errors committed by even the most well-intentioned employee.

A Zero Trust architecture pushes the trust boundary out to every resource and every human. It then continuously monitors all segments between them.

The segment is the common denominator in how threats spread across workloads, regardless of how they entered the environment. Humans cannot be secured, patched, or quarantined effectively. Eventual failure must be assumed.  

Illumio Zero Trust Segmentation helps you visualize, discover, and stop threats from spreading between resources at any scale, regardless of the source. This builds a consistent cybersecurity architecture that protects resources from any kind of threat — from digital to human.  

Contact us today to learn more about how Illumio ZTS can help secure your hybrid multi-cloud from human errors.

Related topics

Cloud Security

Related articles

Zero Trust Impact Report: 3 Key Takeaways for Security Leaders
Zero Trust Segmentation

Zero Trust Impact Report: 3 Key Takeaways for Security Leaders

Enterprise Strategy Group (ESG) research reveals positive trends and approaches to Zero Trust initiatives.

Read more
Illumio: The Choice for Organizations Wanting Predictable Micro-Segmentation at Scale
Zero Trust Segmentation

Illumio: The Choice for Organizations Wanting Predictable Micro-Segmentation at Scale

The Forrester New Wave security report confirms Illumio's policy management, policy enforcement, and interface sets the standard for microsegmentation.

Read more
Top Cybersecurity News Stories From March 2024
Zero Trust Segmentation

Top Cybersecurity News Stories From March 2024

Get caught up on some of the top cybersecurity stories from March, including the new NSA information sheet and ROI-driven security spending.

Read more
How to Eliminate Security Silos Across the Hybrid Multi-Cloud With Illumio CloudSecure
Illumio Products

How to Eliminate Security Silos Across the Hybrid Multi-Cloud With Illumio CloudSecure

Learn why breach containment with Illumio CloudSecure adds visibility and segmentation to stop threats before they spread.

Read more
100% Cloud? You Still Need Zero Trust Segmentation
Zero Trust Segmentation

100% Cloud? You Still Need Zero Trust Segmentation

Learn why being 100% cloud does not negate the need for breach containment with Zero Trust Segmentation and how Illumio can help.

Read more
How a Zero Trust Strategy Built on Microsegmentation Solves Cloud Risks
Zero Trust Segmentation

How a Zero Trust Strategy Built on Microsegmentation Solves Cloud Risks

Find out how to gain visibility, control, and protection across dynamic cloud environments to keep your data and applications safe from breaches.

Read more

Assume Breach.
Minimize Impact.
Increase Resilience.

Ready to learn more about Zero Trust Segmentation?

Learn more