Light Dark
February 20, 2017 By Julie Murphy 2 min read
Data Protection
Endpoint

Ever go on a date that seemed to be going well, with lots of conversation flowing? Did you share more than you intended?

With mobile devices increasingly becoming an extension to our daily lives, it is easy to forget that all those fleeting comments and idle searches are stored locally or on applications. How could this tiny vessel of knowledge in our pocket be a cause for concern?

Time to Make Security Personal

Cyber psychologists suggest that disclosures and behaviors are enhanced online, just like oversharing on a first date. Inhibitions are reduced and conversations are falsely considered private.

A device is the proverbial diary in your pocket, but it is made available online. You are accessible to online friends. Your information is collated and available to corporations because you accepted a license agreement that allows applications access to device data, private or professional.

The traditional office is dead. From a business perspective, more data is available online on devices beyond corporate borders, which often hold both personal and professional applications. This is a fundamental corporate risk. It’s time to make security personal.

The Changing Face of Cybercrime

Who is the typical cybercriminal of today? It’s no longer a mythical hooded person in a basement, but that well-dressed older lady to your left or the young, dapper gentleman to your right. Tools and tutorials are readily available, meaning anyone and everyone is a potential attacker.

As the face of the stereotypical cybercriminal has changed, as has the motivation for committing cybercrimes. However, we typically only hear about complex, sophisticated attacks in the media that reinforce the illusion that the average user is reasonably safe.

Hackers’ motivations range from white-hat or altruistic efforts to personal problems, desperation, financial gain or simply because they can. The biggest lure to cybercrime is the perception that it is low risk and anonymous. Once a single device has been breached, the opportunities for a threat actor only multiply. Who is liable in these cases?

Make Personal Security Your Business

The eyes of most employees glaze over when they hear about security policies or experience a sense of guilt when IT sends an email. It’s important to understand what matters to people today. How many employees are unsure about their personal security online? Do they have concerns about their children or older parents online? If they have a vested interest in security, they will adopt secure behaviors.

Why spend a fortune securing assets if someone leaves the door open? Make security personal. If awareness is interesting, current and personal, people will want to listen. Tell a security story, reward good behaviors and encourage questions. Speak the language they want to hear and ask what their concerns are. Keep it relevant to them.

Awareness efforts simply need to interest people personally to be effective professionally. That’s why it’s critical to make security personal and help users become the masters of their own safety.

Listen to the podcast: Take Back Control of Your Cybersecurity Now

 |  |  |  |  | 
Julie Murphy
Ethical Hacker, IBM

More from Data Protection
January 27, 2025

How secure are green data centers? Consider these 5 trends

4 min read - As organizations increasingly measure environmental impact towards their sustainability goals, many are focusing on their data centers.KPMG found that the majority of the top 100 companies measure and report on their sustainability efforts. Because data centers consume a large amount of energy, Gartner predicts that by 2027, three in four organizations will have implemented a data center sustainability program, which often includes implementing a green data center.“Responsibilities for sustainability are increasingly being passed down from CIOs to infrastructure and operations…

January 21, 2025

Why maintaining data cleanliness is essential to cybersecurity

3 min read - Data, in all its shapes and forms, is one of the most critical assets a business possesses. Not only does it provide organizations with critical information regarding their systems and processes, but it also fuels growth and enables better decision-making on all levels.However, like any other piece of company equipment, data can degrade over time and become less valuable if organizations aren’t careful. What’s even more dangerous is that neglecting data hygiene can expose organizations to a number of security…

January 3, 2025

Router reality check: 86% of default passwords have never been changed

4 min read - Misconfigurations remain a popular compromise point — and routers are leading the way.According to recent survey data, 86% of respondents have never changed their router admin password, and 52% have never adjusted any factory settings. This puts attackers in the perfect position to compromise enterprise networks. Why put the time and effort into creating phishing emails and stealing staff data when supposedly secure devices can be accessed using "admin" and "password" as credentials?It's time for a router reality check.Rising router risksRouters…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2025 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature