The bad guys don’t need to waste their time trying to break into a computer system or cloud service using complex technical skills.
They just have to find someone willing to open the door and let them in.
This usually happens when a staff member or trusted third party:
- Enters their login credentials on a bogus website (handing over the details to the bad guys),
- Opens a malicious attachment which installs malware that records their keystrokes), or
- Reuses the same password on multiple systems, and one of those systems gets breached.
So What?
When we think about cybersecurity, we usually jump straight into the technology solutions – And there are many solutions out there.
But if we don’t focus on the humans who have keys to open the front door, this technology is unlikely to protect us.
This is why the simple, unglamorous act of training staff and maintaining their awareness of why and how they are targeted is so beneficial.
Simple steps can bring significant benefits.