Why do we continue to fail on cyber security

Short answer:

Because anyone is hackable as long as he is ignorant of what security is (of course, until he is hacked).

Long answer:

Human ignorance about everything that might happen but is not certain to happen.

According to Webster.com, the definition of IGNORANCE is:

: a lack of knowledge, understanding, or education : the state of being ignorant

[noncount]
  • ignorance is bliss
— used to say that a person who does not know about a problem does not worry about it
In a company, every employee expects the company’s IT department to take care of security.
At home as well as at work, people just hope for the best: that their PCs will never get infected, their online accounts hacked, their online identity misused, their bank accounts hacked.
Why?
Because people think: this can’t happen to me.
WRONG!
You are the product to be hacked!
Even if they don’t steal anything from you and they don’t do you any harm, they will use your computer or your social media accounts to spread malware or make money from clicks.
How?
Do you remember doing one or more of these?
– that link with the almost naked woman that you clicked on Facebook? Well, what happened is that you LIKED that page and everyone else now sees that on your profile. Yes, your wife or girlfriend as well. And your mom… if it matters. But this is not the problem. The problem is that all your other contacts see it and will probably click on it, since you recommended it. It is called clickjacking.
– that media player codec that you installed to be able to see that cool movie (I won’t risk repeating myself about which kind of movie)? It wasn’t a codec… it was a trojan…
– that time when you deactivated the antivirus software because you thought it slowed down your PC and especially your download? Yes, I know it was just that one time, but the software you downloaded faster because the AV was not running was malicious, and now it really slows down your computer.
– that cool app that was suddenly available for free when normally it cost 89 cents? It was free because now it contains a trojan that sends expensive SMSes or delivers ads in each webpage you visit. Not to mention that it might also steal your credentials (email, social media, bank accounts).
… the list is very long…
Conclusion
Can it be that the security industry is trying to fix the wrong problems?
They protect the device and not the user?
But, how do you protect a user from himself?
Let me know if you know the answer.
Security always comes with a price, and most of the time it comes at the cost of usability.
Not many are willing to pay this price. But maybe they want to pay the price for a good security software?
This is also happening less and less…
If you care about improving your security, there is a free eBook you can download.

© Copyright 2014 Sorin Mustaca, All rights Reserved. Written For: Sorin Mustaca on Cybersecurity


About the Author

Sorin Mustaca

Sorin Mustaca, (ISC)2 CSSLP, CompTIA Security+ and Project+, has been working in the IT security industry since 2000 and worked between 2003 and 2014 for Avira as Product Manager for the well-known products used by over 100 million users worldwide. Today he is an independent IT Security Consultant focusing on cybersecurity, secure software development and security for IoT and Automotive. He also runs his personal blog, Sorin Mustaca on Cybersecurity, and is the author of the free eBook Improve your security.
