In an era where every facet of our lives intersects with technology, the specter of cyber threats looms larger with each passing day. The speed and precision with which malicious actors adapt to defensive measures have kept individuals, organizations, and even nations on tenterhooks. The recent security transgressions on a global scale, intertwined with geopolitical tensions, have thrown into sharp relief the pressing need to fortify our digital bastions. As we stand on the threshold of 2024, the imperative to discern the looming cyber challenges and strategize proactively has never been more critical.
As an information security practitioner, I closely follow the World Economic Forum's Global Risk Report. The 2023 edition has underscored the escalating prominence of cybercrime and cybersecurity as a global risk. "Widespread cybercrime and cyber insecurity" has made its debut in the top 10 rankings of the most severe risks over the next decade (WEF, 2023).
In the digital age, the importance of information security cannot be overstated. As we navigate the complex landscape of cybersecurity, one factor often stands out as both a potential risk and a line of defense: the human factor. This was the focus of my recent doctoral dissertation, where I explored the behavioral and cross-cultural factors that influence an individual's intention to comply with information security policies.
Hello, readers! With over 24+ years of experience in the field of Information Technology, I've had the privilege of witnessing firsthand the transformative potential of artificial intelligence (AI). As we navigate this exciting digital era, a particularly fascinating yet daunting frontier is the advent of autonomous AI systems. These systems, capable of learning and making decisions independently, are poised to reshape our world. However, they also bring significant risks that we must confront and manage. Today, I'll share some insights on these challenges from my personal vantage point.
We live in an increasingly interconnected world where personal and financial information is more exposed to online risks than ever before. Identity theft and data breaches can trigger difficult and stressful situations for victims. Therefore, it is crucial to be informed and know how to react to these incidents. In this article, we offer valuable measures and advice for dealing with and preventing identity theft or the leakage of your personal data, and we teach you how to protect yourself and recover from these situations.
Chatbots like ChatGPT have become increasingly popular in recent years, thanks to their ability to provide instant customer support and personalized interactions. However, as with any technology, there are also security concerns associated with their use.
Have you ever used an AI chatbot to get answers to your questions? If you have, chances are you've used a tool like ChatGPT. ChatGPT is an AI language model that can understand natural language and provide human-like responses to queries. While it's a useful tool for many applications, there are both pros and cons to consider when using ChatGPT.
Users' deviant behaviors, unawareness, misuse, apathy, and resistance are usually the primary reasons for security breaches. Furthermore, there is a significant lack of information security studies on how the cultural phenomenon impacts the intention to comply with information security polices among individuals from different cultural backgrounds. Thus, the objectives of this study were to empirically examine which behavioral and cultural factors influence most in the individual’s security intention to comply with information security policies (ISP), and how complying with these policies can vary between countries and cross-cultural backgrounds. It also sought to understand the competing factors that could potentially impact the security performance by keeping down cybersecurity risks. In order to answer these interrogants, we administered a web-based survey, sent by e-mail and posted on various professional forums, to information security professionals and practitioners from AMER, APAC and EMEA business regions.
We successfully developed a model with high and accurate levels to predict employee’s intention to comply with information security policies. This model was validated with multiple statistical analysis, including PLS-SEM, bootstrapping, and multi-groups analysis to corroborate the existence of differences among cultural-backgrounds. Our results demonstrate that there are significant differences for APAC and EMEA, but not for AMER, in their corresponding relation with the intention to comply with ISP.
We also identified positive and negative correlations between cultural and behavioral factors, which could help to better understand how they can also impact the security posture of an institution. Findings from this study could contribute to existing literature by demonstrating the influential effects of Individualism, Power Distance, Masculinity, Uncertainty Avoidance, and Long-term Orientation on the actual information security compliance behavior from different business regions, a research field that had remained unexplored. Furthermore, given that our results suggest that by complying with ISP, companies can reduce cybersecurity risks, organizations should consider getting their employees to believe that by conducting in a secure way and complying with ISP, can keep security breaches down.
It is well known that humans are the weakest link in the information security chain, but specifically, who are them? Well, you may guess, “they” are everyone. I have been in both sides, as a user and as a system admin; and in both sceneries humans tend to make mistakes. It’s human nature.
Dr. Gilberto Crespo is an information security researcher & technology expert.