Do you know the most powerful weapon in the war against cybercriminals? (Hint: it’s not antivirus).
People! People have been criminally underutilized in the fight against cybercrime. They have been ignored, misunderstood, blamed, shamed and virtually handicapped. This is a tragedy resulting from years of fear-based motivation, bad design, checkbox-security training, security theater and behavior management.
But with training and careful design, the same culture you thought was apathetic becomes a resilient, intelligent human firewall. We’ve seen it, firsthand.
Maybe you don’t believe me. I understand that, depending on the report, human error accounts for somewhere between 60-90% of security breaches across corporate America and around the world, resulting in huge financial losses. So it is only natural that there is a lot of talk about how to reduce human error, eliminate the ‘people problem’ and disarm all your ‘weakest links.’
Here’s the thing, though: there is increasing evidence that people are the best sensors for suspicious activity. When reports about suspicious emails go up, sophisticated phishing emails get caught at higher rates. When people report suspicious activity on their devices or network that machines can’t catch, response teams zero in on potential threats. And when people report suspicious behavior, they catch things video feeds can’t even find.
Bottom line? Arm your people for the war on cybercrime. You won’t regret it.
Here's how. Encourage your people to report...
I’m sure you’ve heard about “see something, say something.” And while it doesn’t help change behavior, it gets to the heart of the issue: people are part of the solution.
Intuition tells people when something is wrong or at least out of the ordinary. And when they don’t report suspicious activity, sometimes it takes organizations > six months to detect a data breach!
Make use of the best weapon you have. The human!