sb-as logo
Story image

ESET: Ignoring human element in cyber safety a mistake

Neglecting the human element in cyber safety protocols could potentially expose businesses to cybercrime, according to IT security firm ESET. 

According to the Cyberchology paper, which investigates the link between personality types and vulnerabilities to cybercrime, which was launched by ESET and The Myers-Briggs Company, only four in 10 (42%) businesses focus on compliance training as part of their cybersecurity protocol to ensure sensitive data is kept secure. 

More worryingly, ESET says, is that 63% rely predominantly on passwords. 

The Cyberchology paper highlights that cybersecurity should be on every boardroom’s agenda. Management needs ongoing one on one meetings and training to highlight and mitigate potential vulnerabilities within teams.
 
Jake Moore, security specialist at ESE, says by leveraging ESET’s deep research capabilities, the Cyberchology paper highlights current cyber threats such as Formjacking, PowerShell and IoT attacks. 

"Cyberattacks are almost considered business as usual because they have become so frequent," says Moore. 

"Criminals’ modus operandi are extremely diverse and unpredictable and, aside from a reputable and trustworthy cyber solution, having a solid front line of employees who are armed with ample information and support is critical for businesses," he explains.
 
Moore says that securing the human element is vital in today’s fast-changing cyber landscape. 

"We are seeing a growing need for companies to streamline their teams’ cyber safety protocols," he says.
 
While the motivation behind a cyber-attack may be varied and impossible to predict, Moore says companies can take the time to learn more about their employees’ personalities and behavioural preferences to help them understand the role they play in securing company data.
 
Research collated by The Myers-Briggs Company that looked at individuals across Europe revealed that people who focus their attention on the outside world (Extraversion) are more vulnerable to manipulation and persuasion by cybercriminals. 

In contrast, people that lean towards Sensing preferences (people that observe and remember details) may be better suited to spotting risks as they arise. 

According to John Hackston, head of thought leadership at The Myers-Briggs Company, says identifying people’s potential strengths and weaknesses not only highlights how different team members may be at risk without even knowing it, but it can also be used to foster a collaborative team dynamic as members may call on each other’s strengths if there is something they are not sure of.
 
“When it comes to cyber safety protocols, we strongly advocate delivering a personalised cybersecurity management programme to employees," Hackston says. 

"We believe that when employees are aware of their potential blindspots, they are naturally more invested and better prepared to be wary of things that may not seem quite right," he explains. 

"By improving employees’ self-awareness, employers can maximise individual and team performance," adds Hackston. "This is particularly important in a fast-moving industry like cybersecurity, which combines constantly shifting challenges with the need to place trust in individuals.”

Story image
Users pay with personal data - Kaspersky on WhatsApp move to share data with Facebook
"Nothing is truly free, and, unfortunately, the current business model for free services means that, essentially, we pay with our data."More
Story image
Top security threats for 2021
2021 will see several themes develop into full blown security threats, many of them borne from the struggles of pandemic-stricken 2020, writes Wontok head of technology Mick Esber.More
Story image
One Identity reaches out to SolarWinds customers following breach
According to the company, this free assessment seeks to help organisations navigate through times of uncertainty as attacks continue to grow in sophistication and complexity across the broad range of identity-centric risks.More
Story image
Red Hat to acquire Kubernetes-native security provider StackRox
Red Hat will further expand its security offering, adding StackRox's complementary capabilities to strengthen integrated security across its open hybrid cloud portfolio.More
Story image
Huawei: Corporates must focus on data minimisation and business continuity to mitigate data security challenges
"From a long-term sustainable point of view, organisations will need to adopt data minimisation and privacy by design and default."More
Story image
IronNet expands Asia Pacific presence with new strategic partnership
“The combination of M.Tech’s extensive network in Asia Pacific and our unparalleled expertise in threat intelligence and detection will help more enterprises across the region to proactively identify and take down known and unknown threats before they happen.”More