All posts tagged Cybersecurity Awareness

Cybersecurity vs. Humans: The Human Problem Requires a Human Answer

Daniel Solove
Founder of TeachPrivacy

Data Security Human Error - Security Awareness Training

According to a recent Ponemon Institute study, the odds of an organization having a data breach are 1 in 4.  The study also found that the average cost of a data breach is $3.62 million in 2017.  That’s a drop of 10%, but the size of data breaches has increased.

The Human Problem

The vast majority of information security incidents and data breaches occur because of human mistakes.   Information security is only in small part a technology problem; it is largely a human problem.  The biggest risks to security are human errors — people putting data where it doesn’t belong, people not following policies, people losing portable electronic devices with data on them, people falling for phishing and social engineering schemes.

Having a robust technical cybersecurity infrastructure is very important, but it alone isn’t enough.  A recent Harvard Business Review article by Dante Disparte and Chris Furlow reinforces this point quite well.  “Firms can be lulled into a dangerous state of complacency by their defensive technologies, firewalls, and assurances of perfect cyber hygiene. The danger is in thinking that these risks can be perfectly ‘managed’ through some sort of comprehensive defense system. It’s better to assume your defenses will be breached and to train your people in what to do when that happens.”

The Human Answer

In addition to technology, effectively preventing and dealing with data breaches involves humans.  The problem is the humans, but so is the answer.

According to the Ponemon study, there were significant data breach cost reductions for having an incident response team, extensively using encryption, and engaging in workforce training.

Continue Reading

Ransomware: A Cartoon to Brighten More Bad News

Daniel Solove
Founder of TeachPrivacy

Ransomware cartoon

I have good news and bad news about ransomware.  First, the good news — here’s a cartoon I created.  I hope you enjoy it, because that’s the only good news i have.  Now, for the bad news . . .

The Bad News: Be Afraid, Very Afraid

Everyone seems to be afraid of ransomware these days, but is the fear justified?  Is ransomware more about hype than harm?   Unfortunately, a recent study of international companies conducted by Malwarebytes provides some startling statistics to back up the fears.  According to the study, 40% of companies worldwide and more than 50% of the US companies surveyed experienced a ransomware incident in the last year.

The stakes are very high — 3.5% of companies surveyed even indicated that lives were also at stake which was exemplified by a recent attack in Marin, California where doctors lost access to patient records for over 10 days.

Continue Reading