CYBERSECURITY IS IT A CHOICE OR IT’S A HABITS
Good habits give you good results in life. Most people practiced good habits to avoid damage personally, emotionally and financially.
Good things you do repeatedly as your routine every day in health, safety and life have a positive impact without you even realizing it. Nobody forced you to do it but due to right awareness of the impact if you don’t do, creates good habits. Even though you might not see the results right away, habits can be powerful in lots of different ways. For example, if you do some intense exercise today, you won't look different tomorrow. You won't immediately be super fit either. But do it every day, and in time, the results will show. If you are at site and wear your hard hat today which you think you might not need it. Hopefully, you don't have things falling on your head every day at work. But the day something does go wrong, if you made it a habit to wear your helmet, it’s there to protect you.
Good habits are not only practiced in an individual lifestyle but also in any management of any manufacturing or any organization industry. Today, people talk about (IR 4.0) Industrial Revolution 4.0. The advent of IR 4.0 is beneficial to improved productivity and efficiency, better flexibility and agility and increased profitability. Nevertheless, the new technology that is hyper-connected with smart devices and smart networks, may pose hackers who can try to exploit the significantly higher number of vulnerable entry points into networks and devices.
Human errors are a massive issue for cybersecurity. In 2014, IBM reported that, “over 95% of all [security] incidents investigated recognize ‘human error’ as a contributing factor.”
(https://hbr.org/2017/12/better-cybersecurity-starts-with-fixing-your-employees-bad-habits) . Employees often give common reasons like:
Too much work. Employees claim to be too concentrated on the current task, leading them to constantly put off software updates.
The wrong timing. Update pop-ups often appear at inconvenient moments, which leads employees to form a habit of ignoring them.
No time to learn. Employees may be reluctant to spend time exploring the features of new licensed software, instead opting to use outdated software they already know.
No time for updates. Employees are often unwilling to wait for updates to be finished.
Force of habit. Employees continue working with outdated or unauthorized software because they’re used to it.
Lack of cybersecurity knowledge. Users often don’t understand the risks of disabling security features and using unauthorized or outdated software.
Employees with no or lack of knowledge in cybersecurity can be trained or educated. Imagine if all employees have good habits in ensuring the safety of any IT/OT devices and networks used in their workplace. Cybercrime can be reduced or avoided. They just have to make it a habit by ALWAYS:
Think twice before clicking on links or opening attachments.
Verify requests for private information (own self or anyone’s), even if the request seems to come from someone they know.
Protect their passwords.
Protect their stuff! Lock it up or take it with them before they leave.
Keep a clean machine! Keep devices, apps, browsers, and anti-virus/anti-malware software patched and up to date*.
Backup critical files.
Delete sensitive information when they are done with it.
Report it! If it’s suspicious.
It is good to have such a good habit amongst the employees. However, humans with many other excuses are unavoidable. Employees are humans too. Therefore, the management in any manufacturing or organization industry can’t afford giving similar excuses and ignoring the importance of cybersecurity and safety as a priority. Such an attitude will cost them a lot of money.
Therefore, similar to the practice in wearing the hard hat at the site, you also don’t have cybercrime happening every day at your work but when something goes wrong especially due to human’s negligence, you are protected if your cybersecurity is assessed regularly and installed in place.