Every day we hear about new security breaches. Why don’t people take more precautions?

There are high-profile cybersecurity breaches almost daily

Cybersecurity breaches seem to be a continuous part of modern life, with a new high-profile leak or hack occurring almost daily. Despite this, individuals still aren’t taking adequate measures to safeguard their data.

In a poll of over 1,000 individuals living in the United Kingdom, nearly a quarter — 23 percent — admitted to regularly using either their name or date of birth as their password in online accounts. This makes them easy targets for hackers. People still use only one or two passwords for all of their online accounts, meaning that if you were to be breached, all of your accounts would likely be in trouble.

Despite corporate training policies, employees aren’t practicing sufficient cybersecurity. This puts companies at serious risk.

The WannaCry Effect

WannaCry ransomware struck earlier this year. This attack was all over the news and everyone heard about it. But did this help to change people’s habits when it comes to cybersecurity? No way. Polls show that very few people implemented extra security best practices.

“A surprising amount of people still seem oblivious to the threat posed for their private and, in reality, company information by using their name or date of arrival due to their passwords,” said Bradley Maule-ffinch, manager of plan for Cyber Security Europe.

“Nowadays this is far from being just a personal matter. We have seen a spate of prolific attacks and breaches this season alone and companies must make sure that employees are knowledgeable about the principles like password security. Using their own personal devices to connect to company networks which is an ever-growing hazard landscape. This could prove a costly vulnerability for businesses in the wake of GDPR.”

Since it is human nature to make things easy – like logons and remembering passwords – it is human nature that hackers exploit.

So what is the solution?

Companies must train their employees, but they cannot trust that their employees will follow the training. Companies must implement strong controls that force their employees to follow security best practices. These controls – like requiring strong passwords and frequent password updates – are easy to implement.
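
One way to enforce a "strong password" control that rejects the name and date-of-birth passwords from the poll above, shown as an added example that is not part of the original article. The function names, the 12-character minimum and the sample user in the usage note are assumptions.

```python
import re
from datetime import date

MIN_LENGTH = 12  # assumed policy value, not taken from the article

# Common character substitutions undone before the name check (constructed list).
LEET = str.maketrans({"0": "o", "1": "i", "3": "e", "4": "a",
                      "5": "s", "7": "t", "@": "a", "$": "s", "!": "i"})


def name_tokens(full_name):
    """Lower-cased parts of the user's name that are three letters or longer."""
    return [t for t in re.split(r"[^a-z]+", full_name.lower()) if len(t) >= 3]


def date_tokens(born):
    """Digit strings people commonly derive from a birth date."""
    d, m, y = f"{born.day:02d}", f"{born.month:02d}", f"{born.year:04d}"
    return {y, d + m, m + d, d + m + y, m + d + y, y + m + d,
            d + m + y[2:], m + d + y[2:]}


def policy_violations(password, full_name, born):
    """Return the reasons a password is rejected; an empty list means accepted."""
    reasons = []
    if len(password) < MIN_LENGTH:
        reasons.append("too short")

    # Name check runs on both the raw and the de-substituted form,
    # so "Al1ce" is caught as well as "alice".
    lowered = password.lower()
    deleet = lowered.translate(LEET)
    if any(tok in lowered or tok in deleet for tok in name_tokens(full_name)):
        reasons.append("contains name")

    # Date check ignores separators, so "14/02/1985" matches "14021985".
    compact = re.sub(r"[\s./_-]", "", password)
    if any(tok in compact for tok in date_tokens(born)):
        reasons.append("contains birth date")
    return reasons
```

For a constructed user "Alice Example" born on 14 February 1985, `policy_violations("Al1ce-Rocks-2024!", "Alice Example", date(1985, 2, 14))` reports the name match, while a passphrase unrelated to the user returns an empty list.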

 

 

Fred Templeton, CISA, CASP, SEC+

Fred Templeton is a practicing Information Systems Auditor in the Washington DC area. Fred works as a government contractor and uses his skills in cyber security to make our country's information systems safer from cyber threats. Fred holds a master's degree in cybersecurity and is currently working on his PhD in Information Systems.