If you have followed our work for any amount of time, you will note that we are fans of certain information security technologies such as encryption, AI and machine learning as well as blockchain. But you will also note we are very specific, cautious and surgical about their use. Encryption is a must-have but does little for you if your underlying systems or habits are vulnerable. Think keyloggers, poor handling of encryption keys and using encryption to transmit but not for storage. AI and machine learning are wonderful for sifting through mountains of data to find those data packets that just seem out of place but not so great when used to filter and even block content or to fully remove human decision-making from the process. Blockchain is a revolutionary technology that can really change how we do business, but unfettered faith in it – much like any other technological wizardry – will not lead us to the peaceful and serene abode of cybersecurity, network security, information security, data security or whatever you would prefer to call it.
You see, here is the problem with all of these technologies: they do not cure the problems caused by the operator, otherwise known as “you.” At best, they only treat the problems the operator is responsible for. Pick your study over the last few years, and you will find that human error is responsible for 85%-95% of cybersecurity and privacy breaches. Based on those findings, we are going to go out on a limb here and say this: you (okay we, to be fair) are the problem. Always have been, always are, always will be. Everything else is just fog, playful squirrels distracting us, and cute cat videos.
This two-by-four-smack-to-the-forehead fact should be enough evidence to make us pause and (Read more...)
*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Tripwire Guest Authors. Read the original post at: https://www.tripwire.com/state-of-security/security-data-protection/you-the-first-last-and-best-data-protection-and-privacy-defense-part-1/