Cybersecurity — more specifically cyber security breaches — has been in the news a lot recently. Equifax, England’s National Health Service, and other high-profile breaches have been drawing significant attention to the fact that a person’s data might never be as secure as they assume.
For businesses and individuals worried about data security, either their own or that of their customers, breaches of large organizations and government departments must look pretty scary.
Cybersecurity Is Effective — Until It’s Not
There’s good news and bad news. Let’s go ahead and get the bad news over with first: It’s true that your security probably isn’t as good as you think it is. The reason being that black hat experts are always innovating and looking for ways to defeat cybersecurity, and problems often aren’t discovered until they’re exploited.
Systems that are otherwise secure can be compromised by simple user errors; such is the case with websites based on Drupal, where something as simple as forgetting to delete a changelog can give hackers more information than you’d like.
There’s also mounting worry that networks which we consider to be secure, such as mobile networks, may be easily compromised in the near future. The thing about cybersecurity is that it’s a constantly evolving challenge in a constantly evolving field. Computer science is an ever more popular field — according to Grantham University, jobs in the cyber security field are expected to “grow by 12% between 2014 and 2024” which means new jobs, more experts in the field, and more people making and breaking new technology. Most new technologies aren’t truly tested until they’re released into the wild, no matter how rigorous the penetration testing is in development.
The Most Common Security Threats Are Easy to Fix
The good news is that your cybersecurity might be a lot easier to control and shore up than you think. The thing about cybercrime is that defeating security systems by brute force (hacking them directly) is difficult and time consuming. Many hackers rely on human error to gain access or target systems with lax security that are connected to the systems they’re really after.
This is an important consideration for your personal use of technology and for businesses. You’re more likely to get “hacked” by clicking a link in a phishing email, or neglecting to secure a mobile device, than you are to be targeted by ne’er-do-well code prodigy hacking their way through encryptions. Most of the biggest security threats, such as unsecured networks, account hacks, and malware infestations, are due to the neglectfulness or unwitting complicity of innocent users.
People being the biggest security threat is especially true for business cybersecurity. Employees connect personal devices to the work network or are untrained in recognizing phishing attacks. Freelancers can be even more of a security nightmare, depending on what information they have access to, as their credentials are even more difficult to control. Work-at-home employees using unsecured personal networks to complete job tasks present yet more vulnerabilities. There are so many ways to compromise security using simple human error that these tactics are often the preferred method of attack.
So yes, one day hacklers might force their way into encrypted networks that we all thought were safe, and maybe the rise of quantum computing will make traditional encryption obsolete, but your biggest concerns are the ones that are easiest to fix. You can significantly improve your odds of keeping data safe by accounting for human error and working to understand how all the devices on a network interact.