People are stupid!
Before you click away, let me tell you a story…
I went to a conference recently and got a few pens and a couple of Hershey’s chocolate minis. I put it in my pocket and went my merry way.
When I reached home, I pulled out the pens from my pocket only to find some brown stuff on one. My immediate thought was that it was the chocolate melted and leaked out onto the pen.
To test this theory, I licked it, and… let’s leave it at that for now.
I could have just smelt it, or not bother and wipe it off, but I chose to taste it instead.
I say this not to gross you out, but to say, that no matter how smart you may think you are, you do some really stupid things sometimes.
The same thing happens with emails with seductive subject lines. Or links that promises something good if you click it. Things that lead to only bad things for users, and your data.
You would think that incidents such as these would never happen?
After all, you’ve spent loads of time training users. You’ve handed out lots of information about being safe on-line. You’ve shared instances of breaches due to human error.
But they do.
We should know better. It should be an automatic feeling that clicking that link or opening that attachment is a bad idea.
But we do it anyway.
That is why I say that awareness training is part of an arsenal that you have to stave off malicious attacks. But there’s bound to be some human error sometime, and you have to be ready for that.
So you have to have proper and updated anti-virus and anti-malware software. You need to put in that next generation firewall protection on the corporate network, and more firewall protection on PCs. You must have properly functioning backup systems in place to protect your data.
Technology needs to get better. Law enforcement needs to be stronger.
You still need security awareness training, and if the human being was perfect, then awareness training may be all that was required to protect your data.
But we are not.
As for that brown stuff… it was chocolate. But what if it wasn’t?… EWWW!