CEO Series: A nudge in the right direction
The price tag for cyberattacks is only getting higher. The average total cost of a data breach is now USD 3.92 million, according to the 2019 Cost of a Data Breach Report.
Is it fair to expect all employees to be experts when it comes to preventing cyberattacks? No, I don’t think it’s fair or realistic. As employers and suppliers of network services, we are the ones responsible for mitigating risk and making it easier for employees to do the right thing.
Nudge theory, which uses positive reinforcement to influence behavior, is a great way to help employees down a more secure path. Passwords are a good place to start since these are the first line of defense. One simple, concrete way to “nudge” is to reward users for choosing longer passwords by extending the expiration period. Shorter passwords need to be changed frequently, and passwords that appear on a list of leaked passwords shouldn’t be allowed at all.
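One way to express the nudge described above as a policy check, added here as an example and not taken from the original post or any product: the length tiers, expiry periods, minimum length and the two leaked-list entries are assumptions constructed for illustration.

```python
import hashlib
from datetime import date, timedelta

# Assumed tiers: (minimum length, days until expiry), longest first.
# The article gives no numbers; these values are illustrative only.
EXPIRY_TIERS = [(20, 365), (15, 180), (12, 90)]
MIN_LENGTH = 12  # assumed floor; anything shorter is rejected


def sha1_hex(password: str) -> str:
    return hashlib.sha1(password.encode("utf-8")).hexdigest().upper()


# Constructed stand-in for a leaked-password list, held as SHA-1 digests
# so the plaintext list does not have to be stored alongside the policy.
LEAKED_SHA1 = {sha1_hex(p) for p in ("Summer2019!", "correcthorsebatterystaple")}


def evaluate_password(password, changed_on, leaked=LEAKED_SHA1):
    """Return (accepted, expires_on, message) for a proposed password."""
    # The leak check comes first: length never rescues a leaked password.
    if sha1_hex(password) in leaked:
        return False, None, "This password appears in a known leak. Choose another."
    length = len(password)
    if length < MIN_LENGTH:
        return False, None, f"Use at least {MIN_LENGTH} characters."
    # Highest tier whose minimum length is met decides the expiry period.
    days = next(d for minimum, d in EXPIRY_TIERS if length >= minimum)
    expires_on = changed_on + timedelta(days=days)
    # The nudge: show what a few more characters would earn.
    higher = [(m, d) for m, d in EXPIRY_TIERS if m > length]
    if higher:
        m, d = higher[-1]  # nearest higher tier
        message = f"Valid for {days} days. Add {m - length} more characters for {d} days."
    else:
        message = f"Valid for {days} days, the longest period available."
    return True, expires_on, message


if __name__ == "__main__":
    for candidate in ("Summer2019!", "thirteen-char", "violet-harbor-lantern-42"):
        print(candidate, evaluate_password(candidate, date(2019, 10, 1)))
```
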
Passwords continue to be one of the weak links in the security chain, according to recent reports. MSB, the Swedish Agency for Social Protection and Contingency, warns in a new campaign that almost half of all Swedes use the same password on several websites. Password reuse is a global problem. The 2019 State of Password and Authentication Security Behaviors Report surveyed 1,761 IT and IT security practitioners in the United States, United Kingdom, Germany, and France, and found that 51% of respondents reuse an average of five passwords across business and personal accounts.
It’s good that this topic is raised in different forums. But I want to point out, as I’ve blogged earlier, that responsibility for preventing cyberattacks cannot be put on the general public or individual employees. This must be managed within the IT systems we depend on.
MSB’s campaign is running in the month of October during European Cyber Security Month. The purpose is to raise awareness and promote cybersecurity among EU citizens.
Help spread awareness, and block the security gaps!