Page 51 - Cyber Defense eMagazine for August 2021
P. 51
A 2019 study revealed that 91% of enterprise data breach victims said that social engineering was part
of the attack. To help patch these behavioral vulnerabilities, companies need to understand why
employees behave the way they do.
Ignorance is a significant factor behind these attacks. Providing thorough training for all employees is
crucial, but complacency is just as prevalent and dangerous. If workers don’t see security as a relevant
issue to them, they won’t bother engaging in best practices. People tend to prefer convenience over
security.
Cybersecurity training should communicate how breaches affect employees on a personal level. No
amount of exercise will eliminate all complacency, though. Since people will always make lapses in
judgment, cybersecurity professionals should anticipate this and prepare accordingly.
Companies should review who has the most potential for damage, which is often whoever has access to
the most sensitive information. These workers should receive the most attention, be that in monitoring,
extra training or tighter access controls. Keeping an eye on how employee behavior shifts is also crucial
to preventing psychology-based attacks.
Thorough Cybersecurity Considers Psychology
The best cybersecurity strategies cover more than just technical considerations. Psychology, both in
cybercriminals and their victims, drives cybercrime, so it should be at the center of cybersecurity too.
When security teams understand how their attackers and clients think and behave, they can act more
effectively.
About the Author
Martin Banks is the founder and Editor-in-Chief of Modded. You can find
his writing all over the internet. He covers tech, gear, cars, and more.
Cyber Defense eMagazine – August 2021 Edition 51
Copyright © 2021, Cyber Defense Magazine. All rights reserved worldwide.
