Why people are so important to cyber security

Why people are so important to cyber security

Mar 11, 2022

In our world of interconnectedness it is almost impossible to be a subsistence farmer and survive. The upshot of that is we are connected and we have to live in the world of technology.


Living in the world of technology we can't ignore the how or the consequences of using technology. We don't have the right to pretend to be a subsistence farmer yet use all the tech to make our lives and business palatable in a modern world.


In my opinion there is a lot of deferring the consequences to someone else. We see it in all professions. A very clear line of what I do and what the other service does. Jack of all trades does not exist anymore. Specialisation is the key. And the legal system enforces this. This gives rise to a social conditioning of blame shift and responsibility dodge.


IT services are a specialist service with specialist knowledge. It is not easy to understand all the bits and packets that go into making each function work. This gives rise to the temptation to leave the execution and protection all to the IT guys. What's more, this fits into our culture of this is my specialty and that is yours. Stuff it up and you are accountable not me.


Unfortunately the truth of the matter is that computer programs do not exist independent of human input. It is the human input that makes technology valuable. It is this same human interaction that creates the vulnerabilities that cyber criminals exploit.


I have heard that 90% of IT disasters, data breaches etc come from a gap left open by human interaction with technology. That stat is pretty high but even if it was half of that and we took out the craziness of stats and said that 45% or even 30% of IT breaches were a result of humans leaving the door open to criminals, then it would be worthwhile plugging this hole left open to cyber attacks by the people using the IT system.


So although it is nice to believe that IT has your back, the reality is that a lot of protection needs to be done by the individual. As an individual being cyber safe is done by following the IT geeks and doing what they say and doing it consistently. 


The idea is to build a human firewall that is your first and best line of defence. Then th IT bods can take care of the other bits.


Fight cyber crime - Be cyber safe