You can install all the technology you want to protect you from a cyber attack but, if you don’t motivate and utilise your greatest asset – HUMANS – you’re missing a terrific opportunity to manage your risk.
There have been many studies over past years which show clearly that “people risk” ie the risk of your technology users being the entry point for a cyber-attack, is the most important risk to manage.
So, let’s get to why people risk isn’t being managed. Mostly, it’s because it’s hard. Installing a piece of software which automates a process for risk management is, by comparison, easy. But, convincing users to be more aware, and then to actually change their behaviours, is hard!
People are complicated
They may lack confidence in their ability to use or understand the technology they work with. Their reason for technology use may just be because they are required to use it for whatever role they work in.
They may be completely disinterested in technology.
They may also feel as though there is already enough to manage and be responsible for. Unfortunately, staffing pressures due to COVID, have added to any pressure of work which was already there.
What to do
Ensure your Cyber Security Strategy addresses your people risk sufficiently.
Balance the activities required and the importance of managing people risk, back against the investment of time and budget you’re making in technical solutions.
and
Join our live Masterclass to find out how to get people to actually follow your policies and procedures.
Our Masterclass is on Thursday 20 October 2022. Visit our website page for more details or contact me. It’d be great to hear from you!
—
ROI Solutions provides services to support effective governance, reduce risk and meet compliance obligations for clients. Our focus is on cyber and information security risk.
Karen has more than 20 years’ experience working with senior leaders and technology. She is an accomplished consultant and coach, and is passionate about organisations’ successfully managing the people risks associated with technology use.