Why is Cybersecurity so hard? Why do so many companies (people) get hacked?
Security is People, Process, and Technology – how to do Cybersecurity effectively?
We tend to focus on the technology, but don’t forget Process (security policy) and People training. We can help you with Security Policy, training and testing your technology.
We have made it our mission to help SMB (Small and Medium Business) companies create a new awareness for people who need it. As there is no SOX compliance (a public company requirement), ‘some’ people do not do what is necessary to defend their computers. I do understand that most people are busy running their business, with the various problems and risks in the marketplace, without worrying about cybersecurity.
Even though I am in the business of cybersecurity and I think about this most of the time, I do realize most people do not think about cybersecurity. All of us expect IT to work, not to be a security problem. But in 2024 (now 7 years after this page was first placed on the internet) things have changed to the point that the attackers are more successful, and we have seen many situations where IT issues caused multi-million dollar problems.
The following blogpost discusses why people do not spend the time necessary on Security.
http://oversitesentry.com/the-psychology-of-security/ (this may be a bit technical)
To understand why people do what they do is to figure out the Psychology of Security.
We are risk seeking when we take the risk (risk seeking in losses) due to the natural inclination of not vividly seeing ourselves in a worst case scenario. "The chances are nothing will happen," thinks the business owner, so we hope/wish it won’t. If there is a chance of failure (like a cybersecurity attack that costs $200k) on the one hand and on the other a chance that nothing will happen… then most people (70%) will think nothing will happen to them.
So we are risk seeking in losses:
1. A chance of $200,000 in losses with a cybersecurity attack == 30% of people perform cybersecurity defenses
2. A chance of no losses with a potential (real or imagined) cybersecurity loss == 70% of people choose this (to do nothing)
This security trade-off happens unconsciously without your knowledge.
How many cops wear a bullet-proof vest on a daily basis?
How many people wear a bullet-proof vest even in dangerous situations?
Human Psychology is risk-seeking in losses. We would rather take higher risks than spend time and money reducing the risk, because we believe we can get away without spending any time and resources.
At Fixvirus.com we think this is a false narrative – we must protect our network and we will still get attacked and thus get hacked anyway (Target, Home Depot, and all others).
So it is not a matter of "do nothing and there is a chance nothing will happen."
If you do nothing – YOU WILL GET HACKED, period.
Now what we need to discuss in this new normal is: what do companies really need to do? Risk management? It has failed as well.
What we need is a new method that uses a philosophy of "we are hacked, now what?"
Do you think that your inability to use computers makes hackers less capable as well?
The exact opposite is occurring: the general public does not understand computers like the hackers do. So if there is a cybersecurity hole then it will be found.
No one will be unscathed. Now with this in mind, the headlines of this year make more sense. Millions of credit cards are stolen, and Personal Information on a single person is only worth $1 on the Darkweb… Why? Because there is a glut of supply.
To me that is the ultimate proof of the amount of hacking going on (and the amount of ignorance): $1 for each PII (Personally Identifiable Information) proves it.
Contact Us to discuss what this new method means for you.
It is not always about knowing what to do; it is also about executing these actions correctly to reduce and remove the hackers from your network.
We recommend a Minimum level of cybersecurity defense as posted in this blogpost: Oversitesentry 10/31
Updated 10/29/2024