Risk and Human Behavior.
The actions of the employees can be one of the greatest cybersecurity risks facing your organization, according to Adenike Cosgrove from Proofpoint. Cosgrove points out that cybercriminals, like most people, will take the path of least resistance when they carry out a job. In most cases, this means tricking a human into letting them into an organization’s network, rather than going through the difficult process of hacking their own way in.
“Many organizations’ security and compliance tools focus on safeguarding the perimeter, helping to manage endpoints and patch system vulnerabilities,” she says. “But they struggle to protect against the human vulnerability. To stop today’s advanced attacks, businesses need to focus on protecting end users by adopting a people-centric cybersecurity strategy. These strategies are a realistic approach to cybersecurity, using technology and training to protect the people in organizations, not just the technology they use.”
Cosgrove adds that “combining software-based security with employee education and vigilance holistically across the business is essential to minimizing human risks.” Technical defenses won’t make a difference if attackers can achieve their goals by exploiting your employees. New-school security awareness training can help your organization build a culture of security to mitigate human-based vulnerabilities.
TLTR
Take a people-centric approach to cybersecurity – combine technical, process, and people-based controls to minimize the human risk.
Cybercriminals exploit the human vulnerability within a business, meaning that the actions of employees can prove to be the greatest cybersecurity risk to a business if left unchecked.
The lack of cybersecurity education and vigilance across the business are creating a risky cyber environment for organizations.
Help Net Security has the story:
https://www.helpnetsecurity.com/2019/03/04/human-behavior-cybersecurity-risk/
