Are humans the weakest link in Cyber Security?
Last week I had the pleasure of attending the Cloud and Cyber Security Expo in London where I spent the day listening to thought-leaders discuss their theories on the future of technology and the affect it might have on our Cyber Security.
Of all the talks I listened to that day, it was one particular panel that really resonated with me. It was a quote by Simon Astbury, the CTO of Enersec during a discussion on enterprise security in a complex cloud environment that really got me thinking. He focused on the human element involved in data breaches and explained how the biggest culprits are ourselves.
“Humans are the weakest link in the Cyber Security space as they make mistakes, they can be bribed, they can be corrupted and they can go insane.”
We are in an era of elevated cyber-attacks, data breaches and legislation regulating the way we handle that data but what many outside of the security bubble don’t understand is that the majority of cracks can be fixed, internally.
From locking computers when off-desk or double-checking email addresses before sending data, it’s often the simple errors that are the most destructive and a simple education could go a long way.
We need to integrate security education into our everyday teaching and create a culture of protecting our own and each other’s data.
I am currently producing an insight paper focused on the evolution of Cyber Security and explore how HR and security teams can work together to ensure humans’ are no longer the weakest link.
To get involved in the production of the paper or to receive a copy once it’s published, please get in touch but in the meantime - join the conversation.
Are human’s the weakest element in Cyber Security?
Network Rail: Digitalisation of East Coat, Train & Track Signal Systems
6yIgnorance and stupidity is the weak link. But with Wannacry it caught a gap in Microsoft patch delivery systems. so the weak is the business change control process. NHS was affected at 100s of sites but this was due to faults in the anti virus software not detecting it. Thus the weak link is the Software vendors not humans. Over 600 GP surgeries and 6 general Hospitals were told to shut down and not take patients, due to commercial contacts not being done by vendors. thus the weak link is profit and poor business practice before customer care or reputation. But cyber security team at many business told the manager that Wannacry was windows only, but it took out Linux and Unix server at Heathrow T5, Renault car plants and several bank phone systems. Plenty of Cyber Security vendors and teams believe Linux does not get viruses. When you find 400 Unix and Linux servers with out AV but approved by the Cyber team. You through there own security policy back at them. Thus Ignorance and stupidity is the weak link :-0