Humans: The weakest link in cyber security? You betcha?
It appears that we’re treading on old ground – we are! But more and more and more emphasis needs to be put on security and, ultimately, humans.
Rik Ferguson, Director Security Research and Communication
The mass introduction of technologies in every environment must take care of the human factor under the security perspective. In many case wrong behaviours of users, the failure to comply with security policies and leak of awareness on the cyber threats that could target systems that could expose the overall integrity of IT solutions.
Unfortunately in different occasions and scenarios in business, security is perceived as a further cost and a burden that complicate ordinary work. Many factors are readily available to complicate ordinary work: mobile, wireless access, cloud computing, social media are just some of the platforms that makes life more complicated.
Then comes a matter of trust. What is information security all about?
David Harley, Senior Research Fellow
What to do though? Distraction, ignorance, curiosity are just some of the factors that can lead to a high risk behaviour in terms of security. It is crucial to define riles the expose the user at risk.
Mark Johnson, Chairman of the Risk Management Group, speaking at the Cyber Threat Summit in Dublin, highlighted the following reasons when considering the human being theweakest link in the safety chain:
- Market becoming ever more ‘user-centric’
- At the same time, it is all becoming a lot more ‘virtual’
- Users becoming ever more device dependent
These are only a few of the reasons why security is playing havoc in IT Professionals’ workloads. BYOD Culture is new and exciting and appears to be the future way of working. Security needs to get a grip of new technology quick before humans open up a brand new can of worms and cause some major damage.
Free security tools can only do so much. But having faith in humans is something businesses need to get accustomed too. Just make sure you cover your backs.
What do you think?
Posted by Steven Woodgate
Could not be more right! That is why Kevin Mitnick and I sat down for 8 months and created Kevin Mitnick Security Awareness Training that makes sure the end user understands about spam, phishing, spear phishing, social engineering and malware. It's been very well received: