Nearly every day we read about yet another data breach. They come from every market and size of company. This has created a sense of “Well, if they (the big players) can’t prevent a breach, then who am I to think I can?” Or, “They (the hackers) likely have all my info already, so what’s the difference this time?”
In the article “Have we reached data breach fatigue?” Jim Ivers states. “Consumers and businesses have begun to accept data breaches as just another part of daily life,” indicating we are becoming numb.
Cyber Security Programs
The other aspect of all of these breaches is the measure of security programs and testing. This has lead to animosity from employees who feel their own company should not be trying to trick them into making a security mistake. The most commonly attempted attack recently has been the phishing attack. In the article “Why security should consider its own internal advertising campaign,” there is discussion about how training people to avoid these mistakes has become critical and how that training is achieved is just as important. Written by Terena Bell.
At the CSO blog she spoke with Nick Hilderman, senior security analyst at Finning International, a Canada-based distributor of Caterpillar equipment that is two years into an infosec advertising campaign. This campaign doesn’t market to customers. It’s an internal push to help Finning’s non-tech employees understand how important cybersecurity is. “‘People often do not like [phishing campaigns],’ Hilderman explains, ‘They feel tricked; they feel manipulated; they feel like you’re trying to attack them.’ People who are already doing their best ‘fall for it,’ he continues, just to learn they were tricked by their own employer. The larger goal is good, but the approach is not. ‘We’re just trying to educate … and people hate it,’ he says.”
As a company, TraitWare® is focusing on the individual working to secure and simplify the login process. TraitWare’s solution alleviates the type of mistake phishing campaigns create. Removing a worry from your daily tasks. This is only a part of the security measures that need to be in place but should help to reduce breaches overall, as it does address the #1 cause of them.
Each of us needs to take responsibility and not become numb to the overwhelming task of protecting our data. One way you can participate is to become informed and use best practices for logins. Multi-factor Authentication is a must these days. We recommend choosing one that simplifies the process.