Why human nature gets in the way when it comes to security

Written by on July 26, 2017 in Opinion with 0 Comments

By rangizzz / Shutterstock.com

It is not the most comfortable feeling when you see fit to disagree with a President. Oddly, the President on this occasion is not the incumbent, but Franklin D. Roosevelt.

He famously said, during his inaugural speech, “let me assert my firm belief that the only thing we have to fear is…fear itself — nameless, unreasoning, unjustified terror which paralyzes needed efforts to convert retreat into advance”.

The thing is that we do have something to fear which is not just fear, and it is now such a part of life that, being human, we are basically ignoring it and hoping it will be OK.

The cyber attack.

Some humans talk the talk, to little effect.

Apparently, according to a survey, the Internet Society’s 2017 annual survey revealed the topmost concern for users is security, whereas previously it was access, the organisation’s president and CEO said’.

No s**t, Sherlock.

According to a recent report, half of German companies have been hacked, attacked and/or had data stolen. Half. How many million is that?

And now we also know that a cyber attack is capable of bringing down infrastructure. Energy grids can be compromised and taken offline. Military aircraft can be hacked for very little money, so can Segways.

We should be afraid and we should be taking action. All of us.

But we are not.

We have built a ‘Somebody Else’s Problem Field’ around it and we are carrying on and keeping reasonably calm. In fact, according to (yet another) survey of security professionals, the vast majority of workers are far more concerned about getting their job done than about security. 94 percent said this, whilst 64 percent of security professionals admit to modifying security to allow employees more freedom to get their work done because of a request from leadership. And 40 percent of them admit to turning security off to accommodate a request from another part of the organization.

Scary.

And we assume that someone else is taking care of it, and we worry in a slightly abstract way that they are not being very successful because we get daily accounts of another, even more dangerous, security breach.

There are, of course, things that we can do about it. And some of us do them. Our esteemed colleague Tony Poulos, for example, has 600 different passwords, all generated by a highly, super encrypted Random Password Generator.

Companies, too, are on the case, but the problem with security is that the good guys are always on the back foot. We cannot know how far ahead the bad guys are (or who is behind them forking out cash), and therefore all we can do is react.

Possibly the only good news in the whole security nightmare is that we are able to react faster and faster.

Cynical as we may be about it, AI might be very useful in this most important of all battles. And let’s be clear, we are not talking about the over-hyped version of AI, that, according to the press releases, knows what you know before you know that you know it.

The more common, real version, where AI can look things up extremely fast, and react, is useful. It can ‘learn’ in as much as it can spot patterns that are not ‘normal’. So, perhaps, security is one area where AI can be used for the greater good.

Let’s hope so, because if we leave it to human intelligence, we’ll be too busy making the tea and answering emails to do anything about it.

Tags: , , ,

Alex Leslie

About the Author

About the Author: Alex was Founder and CEO of the Global Billing Association (GBA), a trade body focused on the communications sector. He is a sought after speaker and chairman at leading industry conferences, and is widely published in communications magazines around the world. Until it closed, he was Contributing Editor, OSS/BSS for Connected Planet. He is publisher of DisruptiveViews and previously BillingViews. .

Subscribe

If you enjoyed this article, subscribe now to receive more just like it.

Subscribe via RSS Feed

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Top