Cybersecurity: It’s Not a Tech Problem — It’s a People Problem
We’ve all heard the term Cyber Security, but the reality is not all of us have tuned in and paid attention. Indeed, there are two types of people; those who listen when the topic comes up, and those who don’t believe it applies to them.
A key reason for this alienation is simple; say the word Cyber Security, and the conversation quickly turns technical. We go from “real threat” to Firewalls, Endpoint, Encryption with no middle ground.
Yes, the above are important, but oftentimes they cut out many people who need to understand the fundamentals. It also distracts from an uncomfortable truth: most breaches are the result of human error, NOT intricate hacking schemes.
Maybe it’s a clink. Possibly it’s a password. Probably someone acted without thinking. Each time, a person. And each time, the real weak point isn’t the system, but rather basic human behaviour.
- Human Error = Your Biggest Entry Point:
Complex exploits and systems breached? Too much work. Most attacks need something far simpler; basic human trust.
Whether a phishing email or fake login, made up invoices or a call from “FNB”, impersonation attempts are all geared around tricking unsuspecting users into voluntarily providing access. Rather than break the system, they’ll convince you to open the door and say come inside.
They’re getting better at it too. Many scam emails are almost indistinguishable from their legit counterparts. Websites have genuine domains, and the messages come directly from the people you know (who’ve also been hacked).
All it takes is a momentary lapse of concentration and they’re in.
2. The Poor Password Problem:
We’ve created mailers, run webinars, sent out SMS’s and put out social media posts, yet poor password behaviour remains a key Cyber Security weakness (which you, yes you, may be compounding). This includes:
- Recycling passwords across systems
- Using easy-to-guess, personally grounded passwords
- Sharing of info with friends or colleagues
- Documenting passwords in easy to access places
All it takes for the Dominoes to fall is ONE breach here. Attackers then usually gain access to multiple systems purely because the details have been repeated everywhere.
3. Security vs Convenience:
The nature of today’s fast-paced work environment is that everyone is under pressure. We have a constant need to be faster, work efficiently, meet our deadlines and deliver quicky. Sadly, this often leads to shortcuts and a high-pressure situation when safety is NOT the number one priority.
Have you, for example, ever:
- Sent important work info via your personal Email as Outlook wasn’t working?
- Stored important company data on your mobile device?
- Clicked “skip” on your two-factor authentication because you were in a rush?
This transcends conventional protection and becomes a discussion of security habits which are sustainable and easy to follow.
4. Training Beats Tools:
Many companies go big on Cyber Security software but small on the human element. Regular training and support is as important as a fancy firewall – because there’s no point Norton fighting fires when you have an active match that can’t recognise a dodgy link.
Well-trained workforces can stop attacks before Tech needs to step in – and that’s a key difference in a time sensitive environment.
In the end, the best Cyber Security practices are cultural, not purely technological.
Encourage a workspace where reporting mistakes is acceptable and policies are easy to digest. Leadership needs to prioritise this as much as the team, because organisations who take this shared responsibility seriously are far more resilient.
The bottom line is that Cyber crimes will always involve tech, but tech alone isn’t enough. There’s always a human behind the system. Someone making decisions, under pressure, clicking links and sending files. And, in most cases, it’s their ability to make those decisions (and the info behind them) which ensures a business stays secure or guarantees it’s the next headline.
About Author
