The Cyber Security News

#RSAC: “Users Are Not Stupid, So Don’t Treat Them Like They Are”

June 10, 2022

In a session at the RSA Conference 2022, Julie Haney, a computer scientist at the National Institute of Standards and Technology (NIST), detailed eight cybersecurity pitfalls that she has determined companies can and should avoid. The pitfalls include considering users to be misinformed or “just stupid,” which is not likely to be the case in any circumstance.

“As security pros, you actually are carrying out an incredible company and safeguarding your companies, your end users, buyers and often even your communities,” Haney told the RSA Conference audience. “Despite getting the noblest of intentions, you and your colleagues might slide sufferer to some common pitfalls that, in actuality, close up stopping people from acquiring their total probable of becoming lively and educated partners in security.”

The Eight Pitfalls of Cybersecurity

Usability is a vital concern for effective cybersecurity. Haney said that effectiveness, efficiency and satisfaction are the three main concepts of usability.


She explained that effectiveness is whether or not a user can achieve their goals. Efficiency is the resources the user has to expend to achieve those goals. Satisfaction is how well user needs and expectations are met when interacting with these systems and services.

The eight pitfalls identified by Haney are centered on the security community’s general tendency to focus on technology as the solution to all security problems while failing to consider the human element in security. By the human element, she explained, she means the social and individual factors that influence the adoption of security practices.

The eight pitfalls are:

  • Not identifying all the users in security
  • Assuming users are stupid or hopeless
  • Not tailoring communications
  • Placing too much burden on users
  • Making users into insider threats due to poor usability
  • Assuming the most secure solution is best
  • Using punitive measures to get users to comply
  • Not considering user feedback and user-centric measures of effectiveness

Haney explained that the first three pitfalls are all about what happens when you don’t take the time to know and appreciate your users. To overturn the first three pitfalls, she suggests that management and vendors empathize with users. For the second set of pitfalls, she suggests that companies consider usability testing and provide tools and actionable, achievable guidance to help users.

For the last two pitfalls, Haney emphasized that vendors and companies should not rely on fear to help encourage better security.

“You require to honestly talk the risk to folks, but really do not overstate it, and they need to have to know that there could be outcomes,” Haney explained. “You also require to give them the equipment and the assistance to do something to build their assurance and their own capability to do a thing, given that fear without the need of action just will make persons truly feel powerless.”


Some parts of this article are sourced from:
www.infosecurity-magazine.com
