Twenty years ago, personal device technology was just beginning to advance. Computers existed, but the internet was far from the complex network it is today. People were still walking around with thick Nokia phones or flip Motorola Razrs, and tablets were nowhere to be found.
Because technology was in its infancy and cybersecurity wasn’t thoroughly developed, devices were easier to compromise. In fact, in 1999 U.S. President Bill Clinton had just announced a $1.46 billion initiative to improve government computer security, but savvy cybercriminals were still breaking in. Computer code infections like the 2000 ILOVEYOU worm, the introduction of denial-of-service (DoS) attacks in 2001, and emerging cyber threats proved that technology could be (and was being) attacked.
Today, things are much different. Cybersecurity is woven into the very development of new technology, and rarely is the technology itself the target anymore. At our Breaking Security Awareness Conference, Kelvin Coleman of The National CyberSecurity Alliance (NCSA) talked about how attack vectors have drastically changed in the last two decades—and what this means for the future of cybersecurity.
Here’s what you missed in the broadcast and how you can apply his advice to your business:
It’s PEOPLE, Not Technologies, That Are Being Attacked
When it comes to technology, there are three important categories that cybercriminals target:
For many years, we focused squarely on increasing security to better protect products and processes. “Now is the time to really focus on that last piece: people,” Coleman explains in the People Are on the Front Lines webinar.
That’s because cybercriminals are realizing that product and process security is getting stronger than ever before while companies neglect one of their strongest cybersecurity assets of all: their employees.
Instead of attacking digital products, cybercriminals are now attacking the people behind the technology in highly targeted social engineering attacks.
Because your employees are now the target of digital threat actors, they’re often blamed by management and IT when breaches and other cyber attacks occur. But the NCSA and our team at Living Security are working hard to debunk this negative culture around human cybersecurity. Instead, we believe it’s your employees who hold the greatest power in increasing your cybersecurity—and we’re here to explain why.
It’s a Good Thing That People Are in Control!
In many instances, people are smarter than technology. They have awareness and the ability to critically think, rationalize, and emote in a way that technology simply cannot.
We believe that with the right cybersecurity awareness training, your employees can be even stronger defenses than your technical security measures. They’re able to actively spot and react to suspicious security dangers in a way that no automated threat detection software can match. But it’s only possible if you make your team believe in their power!
When your team feels positive and responsible for keeping your company safe, they take pride in their role in enforcing your security. They feel invested in your organization’s security posture and want to unite to help keep your company protected. When you make your team feel like true advocates for your security—instead of your greatest weakness—they increase your security and ensure product and process vulnerabilities are monitored as well.
Changing Your Culture Around Human Risk
The National Cybersecurity Alliance and our team at Living Security both agree that with proper education on digital threats, your employees can strengthen your security. It all starts with adopting better human risk management practices.
To begin creating a more supportive culture around your cybersecurity, read our 4-Step Guide to Cybersecurity Human Risk Management.
Tune in for More Cybersecurity Webinars
If you found our People Are on the Front Lines webinar inspiring, there’s more where that came from.
Attend this month’s Breaking Security Awareness webinar, Unifying Risk at 2 p.m. on Thursday, September 30. In case you missed any of our past webinars, not to worry, we recorded them for you!
If you’re looking for a platform that makes cybersecurity awareness training easy and effective, look no further. Request a demo of our Human Risk Management Platform today.