Talk about strange user behavior. In mid-May this year, Microsoft had to pummel its users with a series of warnings and alerts, pleading with them to remove a vulnerability in earlier editions of Microsoft Windows.
The warning was direct: a BlueKeep vulnerability might cause a cybersecurity outbreak. That is, the malware could spread without human attention or actions.
It took more warnings from security experts and the U.S. National Security Agency to underscore the problem. A similar example of ignored warnings after a data breach involved Google’s Password Check-up Chrome extension.
What’s Happening? Human Nature
Why do users choose to ignore a long series of warnings? The answer to the Microsoft and Google situations and many others is human nature. Here are some seldom-mentioned reasons why users suffer lapses in security awareness:
People are often poor risk estimators. Even cautious users badly underestimate the danger of password re-use and other risky network behavior.
Bad past experiences with patching. Software update procedures that were complex or time-consuming are likely to cause users to think twice when they’re urged to patch security apps.
Lack of understanding of what’s involved. Start with warnings that don’t warn against anything explicitly, repeat them over and over, and don’t educate users about what’s really at stake. When it’s decision-making time, avoidance will conquer logic every time. A user hits the alert’s DELETE button, and the warning fades from memory.
Security alerts and warnings are often unclear. It’s easy to ignore these types of security statements:
- Update available. This one might be especially easy to ignore because it’s a statement, not a warning. When prompted with this message, security experts advise going ahead and installing the update. But who would know, given the wording?
- Security & anti-virus software update warnings. Seeing the words “virus” and “warning” should be a clue that it’s time to toughen up your security software. Sometimes these alerts can be a bit bland, so don’t be fooled. The updates are essential to tackle evolving threats.
- Threat detected. If you need even stronger wording, try this: a notice that your security software has detected a virus, malware, or other threat. This is a full-blown warning, which usually includes instructions about what to do. There’s little ambiguity here.
- Habituation. Repeated exposure to bland, all-too-familiar security warnings that have been ignored before and nothing bad happened is a recipe for user apathy.
There are two levels of defense that organizations can take to protect their IT and data assets from attack.
Standing Up to the Data Breach Threat
If the statistics we all read seem grim, remember there are plenty of effective ways to fight back. So, the next time you ask what you can do against increasing cyberattacks, don’t forget to consider these high-level defense tactics:
Take human nature and the damage it can do seriously. Cybersecurity isn’t just a technology issue. The ease with which a staff member of any department can cause a data breach is a monument to human behavior. Deliberate, negligent, or just plain forgetful, human behavior must become a central topic of cybersecurity plans.
Stay informed. Attack methods and technologies change constantly. So, it’s not realistic to expect an IT department to mitigate every IT security risk. Many modern cybersecurity threats derive from user errors, social engineering, web browser exploits, and other methods, from which technical teams can provide limited protection. Cybersecurity is something everyone must be aware of, so user training is a must.
Start layering your security tools and methods. Antivirus software is still an essential part of the IT security toolkit. But by itself, it’s not enough to protect networks or users from modern security exploits. Many cybersecurity tools and resources are available commercially. Taken together, they are not cheap. However, the estimated total cost of these resources is likely to be less than the expected cost of recovering from a cyberattack.
Consider insurance. The market for cybersecurity insurance has boomed in the last several years. Now it’s something that companies of all sizes should think about. The trick is to do due diligence—several insurance companies have denied cyberattack claims. So, it pays to know the circumstances of those cases and whether your organization might be at risk for claim rejection.
Think about backup and recovery. No matter how often data breaches occur, organizations needn’t pay a ransom—if their backup efforts are well defined and installed. If a backup is there, there’s no need to pay hackers anything. Obvious? You bet! But many organizations haven’t gotten the memo. Statistics indicate that nearly half of affected U.S. companies end up paying hackers ransom.
Best Practices for Extra Protection
Security specialists agree that not all data leaks are preventable. In addition to the Big Picture tasks described above, IT and security pros can engage in these best practices (Defense Level 2) to prevent breaches:
- Vulnerability assessments
- Penetration testing
- Security awareness training
- Attack recovery and mitigation plans
- Perimeter defense
Cybersecurity is important. Hopefully, we’ve provided some down-to-earth scenarios that convince you that there’s no guarantee that the bad guys won’t have you or your organization in their crosshairs. The problem is not going away or going to get any less important in the coming years. If anything, all the forecasts point to upward trends.
A Solution that Draws a Line in the Sand
Modern data security solutions protect organizations against data breaches, wherever the data might be: on-premises, in the cloud, or in hybrid environments. They also provide security and IT teams with a complete view of how the data is accessed, used, and moved throughout the organization.
Advanced solutions use a comprehensive approach, which relies on several layers of protection, including a database firewall, user rights management, data discovery and classification, and alert prioritization. And cloud-based data protection and mitigation services help to control costs and simplify security program management.