Cyber security is a global concern, more so with the rapid adoption of internet enabled services, securing people, processes and technologies online becomes a sine qua none.
The cybersecurity industry as dynamic as the attack landscape presents, constantly roll out efforts geared towards mitigating against cyber threat exploits.
The cyber resilience of many enterprises mature steadily, however cyber insecurities are on the increase as seen in increasing number of cyber-incidents and breeches.
The salient question asked by well-meaning practitioners remain, “What are we not doing right?”
The answer to this question lies in examining the approaches to cyber security. Having consistently devoted time since 2016 to studying the cybersecurity landscape, theories and practices, I have identified recurring factors that present as being responsible for adding clogs on the wheels of progress in the fight against cyber insecurities.
1. The Human Factor Security Paradox:
In today’s review, I wish to discuss one of such factors; I wish to x-ray the impacts of negligence of human factor security on achieving enterprise cyber security, as well as a few tips on how to correct this anomaly.
Human factor security is very pivotal in achieving success in the fight against cyber insecurities. Human weaknesses have always been a vulnerability exploited by cybercriminals.
Cybercriminals understand that cyber safety best practices awareness is at its lowest ebb, they are also privy of the fact that there is a high complacency level on the part of employees with regards to strict adherence to cyber safety protocols.
The malicious insiders too are not exempted as sources of human vulnerabilities exploited by cyber threats.
These scenarios present various weaknesses on the human factor, suffice it to say that cyberthreats cash in on these and many more human weaknesses to attack even enterprises with high cybersecurity maturity and resilience.
Human factor security usually are either ignored, given low priority, or threated as an addendum by enterprise security architects.
This hence creates a huge lacunae exploited by cyber threats, and therefore makes it difficult for enterprises to move forward in achieving holistic security of their cyber infrastructure and processes.
Enterprises can attempt to adopt proactive measures towards mitigating against human factor security by adopting the following steps:
- Assigning high priority position to human factor security, by incorporating frameworks, standards, principles and practices geared towards achieving better human factor security in the enterprise cyber security plans and policy documentations.
- Scaling up the cybersecurity training regimens for employees at all cadres. This include ensuring that employees understand the high risks their actions and inactions could cause the enterprises in terms of both tangible and intangible losses.
- A collaborative approach towards cybersafety awareness is very vital, human resources and recruiters need to include cyber security awareness in their recruitment requirements and incorporate them as a segment in their on-boarding trainings.
- Emerging technologies like predictive technologies, data analytics, and intelligent computing can be leveraged upon by enterprises in providing behavioural monitors, checks and logs. This provides insights on employees’ compliance levels towards cybersecurity protocols, detects complacencies and truancies as well as identifies deviant behaviours that could lead towards malicious insider threats.
Achieving cybersecurity requires a collaborative effort and until such a time we understand the need to ensure security of people as much as we focus on security of processes, data and technologies, we may not move forward in winning this cybersecurity war.
…to be continued:
Chioma Chigozie-Okwum indigenous to Imo State, Nigeria is a cyber-security researcher, content creator, educator, speaker, strategic planner and “tech-futurist”.
Chioma is currently a lecturer at the department computer science as well as the Director of Information and Communication Technology at the Spiritan University, Nneochi, Abia State, with interests in human factor security, indigenous solution development and persuasive cyber safety adoption.
She can be reached via: [email protected]