Light Dark
February 20, 2017 By Julie Murphy 2 min read
Data Protection
Endpoint

Ever go on a date that seemed to be going well, with lots of conversation flowing? Did you share more than you intended?

With mobile devices increasingly becoming an extension to our daily lives, it is easy to forget that all those fleeting comments and idle searches are stored locally or on applications. How could this tiny vessel of knowledge in our pocket be a cause for concern?

Time to Make Security Personal

Cyber psychologists suggest that disclosures and behaviors are enhanced online, just like oversharing on a first date. Inhibitions are reduced and conversations are falsely considered private.

A device is the proverbial diary in your pocket, but it is made available online. You are accessible to online friends. Your information is collated and available to corporations because you accepted a license agreement that allows applications access to device data, private or professional.

The traditional office is dead. From a business perspective, more data is available online on devices beyond corporate borders, which often hold both personal and professional applications. This is a fundamental corporate risk. It’s time to make security personal.

The Changing Face of Cybercrime

Who is the typical cybercriminal of today? It’s no longer a mythical hooded person in a basement, but that well-dressed older lady to your left or the young, dapper gentleman to your right. Tools and tutorials are readily available, meaning anyone and everyone is a potential attacker.

As the face of the stereotypical cybercriminal has changed, as has the motivation for committing cybercrimes. However, we typically only hear about complex, sophisticated attacks in the media that reinforce the illusion that the average user is reasonably safe.

Hackers’ motivations range from white-hat or altruistic efforts to personal problems, desperation, financial gain or simply because they can. The biggest lure to cybercrime is the perception that it is low risk and anonymous. Once a single device has been breached, the opportunities for a threat actor only multiply. Who is liable in these cases?

Make Personal Security Your Business

The eyes of most employees glaze over when they hear about security policies or experience a sense of guilt when IT sends an email. It’s important to understand what matters to people today. How many employees are unsure about their personal security online? Do they have concerns about their children or older parents online? If they have a vested interest in security, they will adopt secure behaviors.

Why spend a fortune securing assets if someone leaves the door open? Make security personal. If awareness is interesting, current and personal, people will want to listen. Tell a security story, reward good behaviors and encourage questions. Speak the language they want to hear and ask what their concerns are. Keep it relevant to them.

Awareness efforts simply need to interest people personally to be effective professionally. That’s why it’s critical to make security personal and help users become the masters of their own safety.

Listen to the podcast: Take Back Control of Your Cybersecurity Now

 |  |  |  |  | 
Julie Murphy
Ethical Hacker, IBM

More from Data Protection
November 2, 2023

Defense in depth: Layering your security coverage

2 min read - The more valuable a possession, the more steps you take to protect it. A home, for example, is protected by the lock systems on doors and windows, but the valuable or sensitive items that a criminal might steal are stored with even more security — in a locked filing cabinet or a safe. This provides layers of protection for the things you really don’t want a thief to get their hands on. You tailor each item’s protection accordingly, depending on…

November 1, 2023

What is data security posture management?

3 min read - Do you know where all your organization’s data resides across your hybrid cloud environment? Is it appropriately protected? How sure are you? 30%? 50%? It may not be enough. The Cost of a Data Breach Report 2023 revealed that 82% of breaches involved data in the cloud, and 39% of breached data was stored across multiple types of environments. If you have any doubt, your enterprise should consider acquiring a data security posture management (DSPM) solution. With the global average…

October 25, 2023

Cost of a data breach: The evolving role of law enforcement

4 min read - If someone broke into your company’s office to steal your valuable assets, your first step would be to contact law enforcement. But would your reaction be the same if someone broke into your company’s network and accessed your most valuable assets through a data breach? A decade ago, when smartphones were still relatively new and most people were still coming to understand the value of data both corporate-wide and personally, there was little incentive to report cyber crime. It was…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature