The war against cybercrime is being waged from all sides of the divide since it is a glaring fact that nobody is being left out of the onslaught. Businesses both small and large, governments, and individuals are attacked by hackers.
Hackers are not sparing anybody. The Scmagazine of 4 December 2017 reported that PayPal Holding acknowledged that a data breach at recently acquired payments processor TIO Networks compromised the personally identifiable information of roughly 1.6 million customers.
There is also the report where recently the National Privacy Company (NPC) gave ride-hailing company Uber PH 48 hours to provide detailed information on its data breach.
It is, therefore, glaring that cybercriminals have not relented and there is no sign that they are planning to do so very soon. One may be tempted to ask why there are still all these breaches despite all effort being put in place by governments, businesses, and individuals?
The general belief in the security world is that it is more difficult to defend (protect systems) than to attack (break systems). It takes cybercriminals to only find one soft center in order to wreck their havoc.
On the other hand, the patching of a breach may not be as easy as that. A lot may be required before effecting a correction. The CIO and the team must be constantly on alert, protecting every bit of the network against intrusion.
Cyberterrorism can be likened to conventional terrorism in the fact that it weakens the resolve of the people; for this reason, our utter neglect to the human dimensions of cyberterrorism is a measure that is counterproductive.
It will make a good approach if policymakers direct their attention to the emotional distress that cyberterrorism causes.
Measures like SSH, VPN, Firewalls, Plugins, ACLs, Antivirus, DES, AES, and Cryptography have all been put in place to tackle the menace of cyber terrorism but the angle we have not given so much attention is the human angle. The following are four ways automation will help in curbing the weaknesses introduced by the human angle in cybersecurity.
1 . Carelessly dropping passwords
One angle through which flaws and breaches occur is by allowing passwords to fall into wrong hands. Even sometimes people paste passwords to the sides of systems for remembrance.
These are weak points a stalking cybercriminal can capitalize on. Anybody who can have access to the system’s passwords definitely can assess all the data and information stored there.
ISACA reports that as technology continues to evolve, so do attacks. Over the last five years, remotely exploitable zero-day vulnerabilities continue to fall while credential harvesting, password weakness, and ineffective patch management continue to rise. Only a thorough and comprehensive strategy can stop highly targeted and damaging cyber attacks.
- Short supply of skilled labor
Another pointer to the fact that automation is long overdue in the area of cybersecurity is the shortfall in skilled personnel. The IT section of any organization can never be joked with. There must abound well trained and highly qualified employees to handle the section.
This, however, is not always the case. For example, 55 percent of the organizations responding to a recent survey said them it took them at least three months to fill open security positions, while 32 percent said it took them six months.
In the same vein, 37 percent of those surveyed said that fewer than one in four candidates had appropriate qualifications for the position they wanted to fill.
- Risk from competitors
Another angle we hardly give a thought to is the risk factor from competitors. Inasmuch as we do not see this as actual cybercrime, it portends a very big source of security leaks.
It is possible for an IT personnel from one firm to move jobs and along with all the information from the former organization. This portends a risk factor for the former organization.
Depending on the circumstances that led to the movement, highly prized information could be divulged.
- Internal leaks
Another serious angle is that of members of staff who actually and intentionally for one reason or the other release security information to cybercriminals. Some of these people do it for monetary rewards while others may do it just to spite the organization.
Automation apart from being a financial resource-saving measure since you won’t be needing all the extra hands required to effect a particular action cuts all the leaks that ordinarily could have been brought about by the human factor.
While it may be true that this angle has to be budgeted for, it must be realized that the tool will have to be used until it runs out its depreciation cycle, while the human must be given a raise from time to time.
