Cybersecurity: Fighting the wrong battle with the wrong weapons

Nuix has published a provocative new white paper claiming that the technology industry has been “fighting the wrong battle with the wrong weapons” in cybersecurity for the past 20 years. The paper, by cybersecurity veteran Chris Pogue, argues that in order to fight insider threats effectively, human vulnerabilities must be solved first.

Pogue has investigated more than 2,500 breaches and he states that “exactly zero were caused by non-human-initiated system failure.” The white paper includes a strategic battle plan and a practical action plan for organisations to focus on using technology, people, and processes to address the problems that individuals pose in cybersecurity.

The white paper examines five cognitive biases – “bugs in our brain software” – that cause people to make poor decisions. It examines how other industries have learned to deal with these biases by concentrating on changing human behavior, and applies these lessons to the fight against cybercrime.

“Do we have what it takes to outsmart our own brains and stop ourselves from repeating the mistakes of the past?” said Pogue. “Hopefully we can set ourselves up for the next 20 years, get serious about security, address the real human vulnerability, and start reclaiming surrendered ground.”

To read the white paper in full click on this link: http://www.nuix.com/media-releases/cybersecurity-industry-new-research

One reply on “Cybersecurity: Fighting the wrong battle with the wrong weapons”

More and more legal firms are investing in End User Security Awareness Training and Testing – the number one way to stop staff falling victim to cyber attacks.

Best practice services provide:
1. Baseline targeted phishing email sent to all staff.
2. All staff receive relevant training at their desk.
3. Regular test targeted emails to keep employees vigilant and provide additional training where required.

It is only by continually running targeted phishing emails to end users that training will make an ongoing difference. Regular tests result in a culture change that makes all staff vigilant against modern cyber threats. This in turn stops them causing security incidents. We offer free guides – see: http://www.infosec-cloud.com/security-awareness/security-awareness-training-free-guides/
