Understanding Human Nature to Secure Your Enterprise
A New Perspective.
Cybersecurity professionals understandably tend to focus on technology. But many security breaches stem from attacks that exploit elements of human nature which create behaviors that are hard to prevent. Therefore, it is more productive to take a “human-out” approach, identifying common behaviors that create risks, while working with—rather than against—human nature to minimize these risks.
The Two “C”s.
Many risks are created by people’s tendency to CLICK on and CONNECT to things they shouldn’t. Web filtering and anti-phishing technologies can go a long way to preventing users from clicking on low-reputation or high-risk websites and attachments. Meanwhile, VPN and endpoint security technologies can mitigate against the tendency to connect enterprise devices to convenient—but potentially insecure—public networks.
The Three “I”s.
People also tend to INSTALL software that doesn’t belong on a work computer, INSERT free thumb drives and other questionable devices into their laptops and IGNORE warnings to update software with security flaws. Systems that identify high-risk installs, manage ports and encourage auto-updating software outside working hours can reduce these risks. Address the two “C”s and the three “I”s and you could prevent the majority of breaches.