It is well known that humans are the weakest link in the information security chain, but specifically, who are them? Well, you may guess, “they” are everyone. I have been in both sides, as a user and as a system admin; and in both sceneries humans tend to make mistakes. It’s human nature.
A lot have been investigated, written and said about how to better protect companies against the unstoppable proliferation of advanced and sophisticated cyber-threats/attacks. By default, and by common sense, we tend to think that by adopting and implementing cutting-edge security technologies, companies will be on a better position to stop, prevent, and reduce security threats from cyber-criminals. This is not so far from reality. Lots of technologies have emerged and being adopted to reach that goal. Among these technologies are: Intrusion Detection System (IDS), Intrusion Prevention System (IPS), Firewalls, Antivirus, Network Access Control (NAC), Proxies, Gateways, Advance Threat Analytics (ATA), Sandboxes, Multi-factor Authentication (MFA), Artificial Intelligence (AI), and Machine Learning (ML) solutions to mention a few. However, security and data breaches still happen and are on the news all around the world, every day.
As of these days and since a long time ago, many businesses and enterprise know and take for granted that if they wish to be successful or competitive in their respective markets and industries, they should start using information technologies to achieve it. Nothing is farther from reality than this belief. It is a fact that any business or enterprise not using current technologies for its operational processes plans and marketing strategies will find it very difficult to achieve its goals and objectives of conducting business on a highly competitive and technological world as is todays; so a significant share of its yearly budget should be assigned to this item.
Dr. Gilberto Crespo is an information security researcher & technology expert.