If you’ve ever been to a Chinese restaurant with paper placemats or just happen to be an amateur authority on Chinese folklore, you probably know that 2017 is the ‘Year of the Rooster’. Comparatively speaking, if the world of technology had astrological divisions, we would discover that 2017 is shaping up to be the ‘Year of the Human’. If we can learn anything about data security from our lucky rooster friends, it is their propensity towards resourcefulness and frank discussion - that may help us collectively during this ‘Year of the Human’.
Regardless if you’re a rooster, a rabbit, or a rat, if there is one thing that 99.9% of us hold in common it is our mutual dependence on technology. Hopefully, you’ve seen the signs of the times and know that cybercrime is a serious threat to both our personal and business data. Virtualized criminals have had the capacity for some time to wreak havoc and lay pillage to our data without having to depart from their own familiar surroundings.
Thus, cybersecurity has evolved into a cat and mouse game of one-upmanship, where depending upon one’s allegiance, either side can be proactive or reactive to developing threats. For the good guys, despite our best efforts in attaining success and security, definitively safeguarding data remains an elusive and ongoing technological goal.
Enter the ‘Year of the Human’! As cybersecurity experts rightfully pivot and adapt to ongoing cyber threats, we have absorbed the fact that firewalls and endpoint security may never be wholly adequate on their own in securing our data. After all, human interaction with technology is both its point and inevitable. Just as technology is a tool for humans, security itself must account for and adapt to the inevitability of human error. In response to this reality, cyber awareness training, what I like to call a behavioral firewall, becomes an obvious necessity that coincides with our best technological efforts to combat digital crime.
Through social engineering which results in ransomware – fueled by our propensity to click on links we shouldn’t – keeping your data secure becomes even more challenging. Security teams can no longer afford to rely solely on their technical toolkit to keep your data safe. Five years ago, Techworld.com reported that 91% of cyber attacks began with a spear phishing email. There are two truths to be gleaned from this report. First, the problem has not improved with the passage of time. Second, for these attacks to succeed someone had to click on something that was best avoided. Thus, we must realize that our best efforts in achieving broad security must encapsulate both technology and cyber awareness training for humans.
In the end, it doesn’t matter what your sign is, because we hold our humanity in common. We all make mistakes, and if learning to avoid common missteps hastens us to enhanced security, then let’s embrace the ‘Year of the Human’ and train ourselves to be hardened targets against the worst of human behavior. Together, we will learn that a well-rounded security structure is the combination of technology and education which reduces complexity and builds confidence in our combined efforts.
For more on the human element of cybersecurity, I would like to encourage you to register for Season 3, Episode 7 of Microsoft Office’s Modern Workplace webcast series, which airs on March 7, 2017 at 8 AM PST / 4 PM GMT.
Please note: this is a Microsoft Office-sponsored post.