Nearly every day a successful digital breach is reported. Major organizations, government bodies, hospitals, companies, public offices have been victims of massive-sophisticated attacks all over the world. Last decade the pace of digitization and technology building has been tremendous and the coming decades promise even more high-end technology in day-to-day activities.
Given that resources aren’t scare at least at the level of government bodies or large multi-nationals- Reliance recently reported breach, JNPT had to be shut down with A.P Moller Maersk terminals at The Hague, or the Chinese fireball malware, Aadhar data breach is reported every quarter, why does this happen again? All this organizations have a lot in common-
- Dedicated resources for IT security
- Documented process for investigation and response
- Many of the defense tools deployed
- Multi-millions in security budget
Over 70% of active malware identified in environments was unique to that environment, hence deploying the set pattern of defense is not going to save the day.
There needs to be certain, subtle paradigm shift in the mindset of people about being secure online. Traditional tools are focused on gathering logs and data on situations that have occurred or are in action while there are a whole lot of situation which are yet to unfold. Keep secure against the unknown is the most difficult task.
The idea is that users need to thinking about cyber security in all aspects of their online activities as a matter of course. With the set firewalls and other security measures, individuals could internalize this goal in ways that it motivates them to prioritize security in their online activities.
A mindset suggests a way of thinking about a matter of significance. It is a firm – not a fleeting or ephemeral perspective or framework for thinking about other things. For example, the same information, such as an email attachment, will be received in different ways if one has a cyber security mindset. And it shapes choices about other issues. A security mindset might drive decisions about other aspects of internet use. It arises from the interaction of peers rather than from sanctions or directions from above. As a culture in the organization if more people have the mindset they are more likely to keep safety while online hence keeping everyone safe.
In very simple terms- Awareness about security is the key to keeping safe. As a habit if the company culture grows into secure practices the battle is half won!