I sound like a broken record, but since people can’t seem to learn this lesson, it must be stated that human error is without a doubt the biggest cybersecurity vulnerability. You can patch zero-days but you cannot patch the human mind. There can be training, sure, but that training requires effort on the part of the trainee as well. This rant of mine is not without purpose: a recent survey has only confirmed just how willfully foolish the general public is, as most people continue to practice bad cybersecurity habits.
The survey in question was conducted by Netsparker and probed the cybersecurity habits of a broad range of individuals in the general populace. The results were published in a blog post and they were, predictably, disheartening. There is a lot to process in the results, so I will try my best to give the most important takeaways. Once you finish reading this, I strongly recommend that you read the study for yourself.
One major area of concern is the generally bad cybersecurity habits that the survey participants have when browsing the web. These habits include using public WiFi without any protections like a VPN, opening suspicious links on social media (clickbait websites are a haven for viruses), using one password for many logins (84.8 percent of respondents admitted this), and employing easily cracked passwords. All of these issues are easy to fix, yet the participants seem to find them difficult to rectify (which is indicative of how rampant these problems are). People wonder why they get hacked, but if they have any of the aforementioned habits, there really shouldn’t be any confusion.
Another huge issue is the lack of concern, or ignorance, that some in the survey showed toward device updates. About 20 percent of those surveyed admitted to never updating their smart home devices (thus opening them up to becoming part of an IoT botnet), 7.4 percent do not update their home PC’s operating system, and 7.2 percent never update their mobile devices. While the smart home update statistic is the most glaring, don’t think that the mobile and PC figures are minuscule just because they are in the 7 percent range. Take the 7 percent and then apply that to the global population; suddenly that “small” figure seems a lot more serious.
Imagine all of the ways that hackers can get to the individuals in that 7 percent, since all it takes is one good vulnerability to blow something wide open. The survey proves that, until we can drop these percentages to zero, there will always be work to be done in terms of educating the public on their bad cybersecurity practices. It isn’t simply a matter of educating, however, as the people themselves must become more proactive in their own cybersecurity, whether it is online or offline.