Friday, February 2, 2018

To err is human... ¿and not to avoid the error?

“Errare humanum est” is a Latin expression that means “To err is human”. This is what ancient Romans said and they were right. Many things have changed since Roman times but, just as then, man continuous to make mistakes precisely because, he is human. Over time this expression evolved to “To err is human but only idiots persevere in error”. This week, considering the amount of human errors that have been made in the cybersecurity world, it seems that many have stayed in the first version of the expression. 

Curretnly email is the basis of the communication of any company, we all agree. Once again we have talked about the disuse of this tool but, let´s face it, that doesn´t seem like it´s going to happen at some point in the near future. And less now that it has been discovered that last year 120 billion corporate emails were sent per day! Due to its universal nature, emails are an important source of information and therefore a key target for attackers. This year we must mark as a purpose the protection of information, in this article written by Prakash Linga, CTO of Vera, for HelpNet Security he talks about how to achieve it through security protocols and the security training of our staff.

Earlier in the week we discovered, thanks to a study conducted by IBM Security, that users begin to prioritize security over convenience, especially in applications and websites related to financial matters. This study also highlights the generational gap in the use of technologies and how this age difference is reflected in safety hygiene. While the older ones take care of the security of their passwords, the younger ones do not worry so much. But, in the middle of this chaos, biometric security measures have arrived and 44% of the respondents have positioned themselves very much in favor of these measures. Will eye recognition and fingerprinting be the security barrier we need to stop erring?

If someone has taken the palm this week in regards to human errors, without a doubt, it is Australia. Leading a historic security scandal that has shaken the very government, Australia has starred in a situation so surreal that it seems unreal. A man goes to a store selling second-hand items and buys two padlocked file cabinets. When you get home and break the locks you will find hundreds of official documents inside. These documents reveal, among other things, the internal functioning of five Australian governments during the last ten years. Welcome to the movie "The Cabinet Files", as it has been called the one that is equated with the filtering of Wikileaks papers. To err, or not to err, that is the question.

It´s not the first time that, from CIGTR, we tell you that the human being is the best defense in terms of cybersecurity. Well, it´s also your biggest risk. In most data leaks there is a human failure. Thanks to HelpNet Security we have a list of simple measures that we can take to improve the risks of human failure. Changing the password policy of your company, for example, is one of the measures that, despite their simplicity and speed, are not usually carried out. Using SysAdmin or DevOps enhancements will reduce employee access to passwords thus reducing the possibility of making an error.

We are human and we make mistakes, accepting this fact is the first step to solve it. Thanks to technology there are multiple ways to avoid these failures, so why not avoid them? Having located our weak points will be easier to take measures to put an extra effort and protect our Achilles heels.


Post a Comment