I have all ready talked about a number of ways corporate and personal information can be compromised by bringing to light a few of the security risks involved. Well, now I’m going to reveal what the absolute, without a doubt biggest risk you will face personally and professionally… IT’S YOU! Okay it’s me too, I am my own biggest risk as well. I wouldn’t exclude myself from this category. We are our own worst enemies. I have gotten better as I have grown more aware of the risks out there. To be honest, I have become more aware of risks by just talking to other people and having them just casually mention something that I consider a huge risk. My earlier blog “Something You Probably Never Thought About Regarding Your ID Badge” was inspired by an off the cuff comment someone made about leaving their ID badge in their car that was at the garage. Most people don’t realize how big a target they are much less how much they compromise their own security. I’d like to take this opportunity to mention that when I say people compromise their own security, I mean all phases of their security: personal, professional, and cyber security. They are all interwoven in some aspects because you could inadvertently compromise your own personal cyber security and do damage in your professional life as well.
The Human Element
We have all kinds of technology to provide us with security and protection from hackers, scammers, corporate spies and so on, but all the technology in the world cannot prevent the biggest risk: the human element. Security will always be compromised by the human element by incompetence, inattentiveness, or complacency. The technical aspect of security vulnerabilities can be fixed, patched, or updated to prevent the vulnerabilities from becoming a problem. Humans will always be vulnerable. We often over estimate our abilities, fail to pay attention when it matters, and many times we are unaware of the risks our security is under.
The Incompetent Ones
I’m not trying to offend anyone, when I say there are people that are incompetent. I mean it in the true form of the word, lacking ability. There are still some people who lack the ability to preform even simple actions on a computer. These people are generally also the ones that know nothing about social engineering tactics and often fall prey to their schemes. Everyone knows at least one of these people. I know several, and don’t get me wrong they are nice people, but it’s scary to me that they compromise their own security as well as in their work place. I don’t want to pat my own back here, but I have been helping a few of them by teaching them some of the basics. They don’t need to be experts in cyberspace or know what all the latest social engineering tricks are, but in my opinion they need the basics and not much more. That is unless they want to learn more, then learn away!
The Inattentive Ones
These people range in knowledge between novice and expert. We are all at times the inattentive ones because sometimes it’s easier to do things the easy way and not really pay attention to what we are doing. I’m sure we have all done things haphazardly just to get them done and over with, not really caring about the process or the end result. This can also be seen as being lazy. Being lazy on a rainy day when you have nothing to do is a great break from the hustle and bustle of everyday life, but it’s not so great when laziness compromises your security. Being lazy about your personal security could leave you open to being attacked or robbed. Inattentiveness to red flags is what hackers and social engineers count on to get our personal information. They want us to not pay attention so they can get what they want.
The Complacent Ones
These people are bit of a hybrid of the incompetent ones and the inattentive ones. They are unaware of their incompetence as well as the dangers that their security faces. These are generally the people that know just a little bit about computers. They know just enough to be dangerous, as I always say. They way overestimate their abilities and unknowingly risk their security because of their lack of ability. They think that because they do have some knowledge that they are safe from getting attacked. They feel that that it couldn’t happen to them. I feel I’m fairly competent, but I know I am still vulnerable to attack if I don’t pay attention. What makes them so dangerous is the fact that they are unaware of the dangers out there and satisfied with that and have no desire to change. These people pose a danger to others as well because as I have said before one wrong click and it could have wide ranging effects. They are also the ones who don’t want to change because they are satisfied with the way things are. They are the people that use the same password for everything or do not change the passwords and PINs to their important accounts regularly because they are content with things the way they are.
All of these different types of people that pose a risk to themselves and others can be mitigated by just paying attention and being aware of what is going on around you. It’s easy to forgo the little extra time it takes to make sure we know what we are agreeing to or clicking on. It’s also easy to forgo the extra security measures that will provide us better protection. But the benefits of paying attention, taking extra time, and putting in place that extra measure of security will far out way the convenience of getting it done faster. If you or someone you know is one of the incompetent ones, please either take the time to get some knowledge or ask someone who knows what they are doing to help you. If you are one of the inattentive ones, please pay attention. It really is as simple as that. Just take a few extra seconds to make sure you know what you are doing and what is going on around you. If you are one of the complacent ones, take the time to learn what you want to know and stop being satisfied with the way things are and make things better for you.