Cybersecurity - why don't we do it the right way?
Roger Smith
4 x author on securing #nonprofits, #SMEs, Associations and Charities from cyber events using enhanced #cybersecurity concepts. Start now, do the self assessment and get your baseline!
We often get resistance from users in a business when there is an increase in security.
Why would that be, you ask?
Cybersecurity is not popular from the user angle because it puts constraints on a user as well as perceived restrictions on a business.
Most businesses work on convenience over security, but what is needed today is security over convenience.
Here are a couple of highlights!
I am too busy to do the awareness training.
What is more important: spending time on understanding the cybercriminal and why they are targeting you, or doing mundane tasks?
Most awareness training is 2-5 minute videos with a quiz after a few of them.
The positive impact of aware teams should not be underestimated.
2FA is too time-consuming when I log in.
2FA (two-factor authentication, also called multi-factor authentication) is a third level of security around business and personal accounts.
It stops someone from using your username and password without you knowing.
In most cases, after you have logged onto your normal or home computer, you only use 2FA when there is a change.
If everyone uses the same username and password then we are working faster.
You have a staff of 10, but there may be an additional 20 people who used to work there who still have access to your systems.
For security reasons, every user needs a separate account and that account needs to be secured by a strong password.
We do not have time to test our backups.
Although all of these excuses make cybersecurity harder, this one can put you out of business.
A regular test of your data is essential to ensure that when you need that priceless system, it is going to work and work in the way you expect it to.
That expectation that your backup will get you back to business as fast as possible needs to be tested regularly, otherwise it just compounds the stress of a cyber event.
Physical restoration of systems is important, but did you back up the applications and APIs? If not, then it is just data and not of much use to you.
We are only going to use 2 characters as a password.
Stop thinking that passwords are to stop people from gaining access to the system.
In most cases, strong passwords (unique, complex and more than 10 characters) are to stop computers from cracking your password to gain access to your systems.
Using today's technology, any password under 5 characters can be broken in under 1 SECOND!
Cybersecurity is your knight in shining armour, but in a lot of cases you do not see what it has stopped, which makes it practically invisible.
Sr. Program Manager working on Cloud Computing, Software Development, Digital Transformation, Cybersecurity, and Infrastructure projects.
2 years ago
It's like saying: Cancer why can't we have a right treatment.