Individuals are increasingly using devices and digital platforms to store personal and private information as more than 60 percent of the world’s population is now online.
Yet users are often not “digitally literate” enough to fully understand the risks of these online environments.
While this is often addressed as an IT problem with pressures on businesses to adopt the latest and most secure technologies, the “human” factor should not be overlooked as an element to build strong defenses against cyber threats. However, as users expand into the online environment, the challenge remains how to advance digital literacy and cybersecurity at this growing scale.
In a digital environment full of risks, everyone needs to be taken care of
One of the most inherent problems for businesses in the hybrid environment is keeping track of all the devices and the employees who use them. The Australian workforce now sees 36 percent of workers using personal devices to access corporate data and more than 49 percent connecting IoT devices to their home networks.
Such a set of unattended systems has created a void of proper cybersecurity practices and a basic understanding of them. This exposes both companies and individuals to unnecessary risk by giving hackers the easy fodder to enter a database. Statistics suggest that 46 percent of all data breaches are the result of human error.
Even at the most basic level of password management, individuals are illiterate in proper password hygiene habits. The latest DBIR report shows that 82% of the infringements still involve human error. These bad password hygiene habits also extend beyond the value of protection, as many still don’t know what to do if an attack occurs. LastPass’ latest IDC report found that 45 percent of people didn’t change their passwords, even after a breach occurred.
Your safety is only as good as your weakest link. No matter how robust everything else is, if one person leaves the door open, anyone can walk in. With this in mind, companies need to make cybersecurity so simple that both technical and non-technical people can implement it. Every customer base is made up of a range of digital capabilities, and if digital assets are not user-friendly, these individuals will take shortcuts to access a company’s services.
Companies must provide solutions that ensure continuity for their employees and customers to save valuable time and effort, which can also maintain points of sale. Nobody wants to spend hours a day learning about security, it has to be embedded in everything they do instead, so it becomes second nature.
How to start with education?
Even though a company may have the best cybersecurity standards and practices for their employees, the real challenge is ensuring they are enforced and implemented at scale.
First and foremost, companies should view their employees as the first line of defense through a zero-trust approach to digital entities. Not only is this a robust framework that is simple and cost-effective for businesses, but it can also ensure greater security and integrity of personal and business assets. Basic security practices can also be changed by this approach of continuously validating every digital interaction, especially mitigating the risk of compromised credentials.
While a strong password is a basic requirement for protecting identity in the digital world, passwordless solutions are the future that will have all users, digitally savvy or not, covered. Using technology such as LastPass authenticator, SSO or federated identity, users can log in to devices and applications without entering a password.
This streamlines the user experience for employees and customers, while maintaining a high level of security and complete control for IT and security teams. This improves overall cybersecurity within the company and streamlines the user experience to maintain the point of sale – a win-win situation.
The sprawl and expansion of online environments show no signs of slowing down. Implementing highly advanced technologies is not enough to address the human factor in cyber threats. Education of good password hygiene practices and ensuring that education reaches all users are good starting points for promoting cybersecurity from the individual to the organizational level. These strategies are not only solutions to existing security threats, but must also be integrated into an ongoing skill promotion that resonates in an ever-changing digital environment.
Keep up to date with our stories on LinkedIn, TwitterFacebook and Instagram.
This post Why cybercrime is more of a social problem than a technical problem
was original published at “https://dynamicbusiness.com/topics/technology/technology-security/why-cybercrime-is-more-of-a-societal-issue-than-a-technical-one.html”