Light Dark
February 20, 2017 By Julie Murphy 2 min read
Data Protection
Endpoint

Ever go on a date that seemed to be going well, with lots of conversation flowing? Did you share more than you intended?

With mobile devices increasingly becoming an extension to our daily lives, it is easy to forget that all those fleeting comments and idle searches are stored locally or on applications. How could this tiny vessel of knowledge in our pocket be a cause for concern?

Time to Make Security Personal

Cyber psychologists suggest that disclosures and behaviors are enhanced online, just like oversharing on a first date. Inhibitions are reduced and conversations are falsely considered private.

A device is the proverbial diary in your pocket, but it is made available online. You are accessible to online friends. Your information is collated and available to corporations because you accepted a license agreement that allows applications access to device data, private or professional.

The traditional office is dead. From a business perspective, more data is available online on devices beyond corporate borders, which often hold both personal and professional applications. This is a fundamental corporate risk. It’s time to make security personal.

The Changing Face of Cybercrime

Who is the typical cybercriminal of today? It’s no longer a mythical hooded person in a basement, but that well-dressed older lady to your left or the young, dapper gentleman to your right. Tools and tutorials are readily available, meaning anyone and everyone is a potential attacker.

As the face of the stereotypical cybercriminal has changed, as has the motivation for committing cybercrimes. However, we typically only hear about complex, sophisticated attacks in the media that reinforce the illusion that the average user is reasonably safe.

Hackers’ motivations range from white-hat or altruistic efforts to personal problems, desperation, financial gain or simply because they can. The biggest lure to cybercrime is the perception that it is low risk and anonymous. Once a single device has been breached, the opportunities for a threat actor only multiply. Who is liable in these cases?

Make Personal Security Your Business

The eyes of most employees glaze over when they hear about security policies or experience a sense of guilt when IT sends an email. It’s important to understand what matters to people today. How many employees are unsure about their personal security online? Do they have concerns about their children or older parents online? If they have a vested interest in security, they will adopt secure behaviors.

Why spend a fortune securing assets if someone leaves the door open? Make security personal. If awareness is interesting, current and personal, people will want to listen. Tell a security story, reward good behaviors and encourage questions. Speak the language they want to hear and ask what their concerns are. Keep it relevant to them.

Awareness efforts simply need to interest people personally to be effective professionally. That’s why it’s critical to make security personal and help users become the masters of their own safety.

Listen to the podcast: Take Back Control of Your Cybersecurity Now

 |  |  |  |  | 
Julie Murphy
Ethical Hacker, IBM

More from Data Protection
November 19, 2024

Communication platforms play a major role in data breach risks

4 min read - Every online activity or task brings at least some level of cybersecurity risk, but some have more risk than others. Kiteworks Sensitive Content Communications Report found that this is especially true when it comes to using communication tools.When it comes to cybersecurity, communicating means more than just talking to another person; it includes any activity where you are transferring data from one point online to another. Companies use a wide range of different types of tools to communicate, including email,…

November 8, 2024

SpyAgent malware targets crypto wallets by stealing screenshots

4 min read - A new Android malware strain known as SpyAgent is making the rounds — and stealing screenshots as it goes. Using optical character recognition (OCR) technology, the malware is after cryptocurrency recovery phrases often stored in screenshots on user devices.Here's how to dodge the bullet.Attackers shooting their (screen) shotAttacks start — as always — with phishing efforts. Users receive text messages prompting them to download seemingly legitimate apps. If they take the bait and install the app, the SpyAgent malware gets…

November 7, 2024

Exploring DORA: How to manage ICT incidents and minimize cyber threat risks

3 min read - As cybersecurity breaches continue to rise globally, institutions handling sensitive information are particularly vulnerable. In 2024, the average cost of a data breach in the financial sector reached $6.08 million, making it the second hardest hit after healthcare, according to IBM's 2024 Cost of a Data Breach report. This underscores the need for robust IT security regulations in critical sectors.More than just a defensive measure, compliance with security regulations helps organizations reduce risk, strengthen operational resilience and enhance customer trust.…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature