The Human Element in Cybersecurity

The Human Element in Cybersecurity

August 29, 2019 Business Insurance and Risk Management, The Beacon Blog 0 Comments

In highway safety, it’s been said that the weakest part of any car is the nut behind the wheel. It can also be said that the weakest point in any cybersecurity system is the person in front of a computer screen.

Two posts on the Cyber Security Intelligence website (www.cybersecurityintelligence.com) discuss research by ESET and Myers-Briggs that found only 42% of businesses focus on compliance training as part of cybersecurity, and 63% rely predominately on passwords. With cyber attacks becoming so frequent they are almost “business as usual”, employees are the first line of defense and their support is critical.

In the war against cybersecurity breaches, organizations have a new weapon: “cyberchology”, using psychometric tests to identify how employees react to cyber threats. Research identifies five personality types: extroverts and people with preferences for sensing, feeling, judging or thinking. Each of these personality types has different strengths and weaknesses when dealing with cyber threats. Psychometric tests can be used to build self-awareness to make individuals less vulnerable to cyber threats.

Cyber criminals always have a head start on legitimate software developers. The “next big thing” in cyber crime goes live before developers can cope with the “last big thing”. Since criminals rely on employee ignorance and unawareness, all employees must be trained to overcome their individual weaknesses and protect all of their devices, not just their desktop computers




About the Author

Harry Cylinder

Harry Cylinder, CPCU, ARM has spent nearly fifty years in the insurance industry, the majority of the time as a consultant. He has been employed by The Beacon Group of Companies since 2008, specializing in the review and analysis of property and casualty coverage forms. Mr. Cylinder has been reviewing policy forms as they have evolved over the past decades. In 2008 he published an article in the CPCU Journal which was the first description of cyber insurance coverage for a general insurance audience. Since that time he has regularly written on cyber and other topics for The Beacon Companies’ blog.