We are now at the end of the second week for National Cybersecurity Awareness Month. As we look back over the last two weeks, have you done anything? Ok – stop laughing. Have you actually done anything to improve your own cybersecurity posture or improve a friend’s or colleague’s view on how to protect their resources? Odds are, probably not. So why not?
- What is stopping you from changing your passwords and making sure they are unique?
- What is stopping you from running Windows Update?
- What is stopping you from following cybersecurity best practices for hygiene?
- Are you annoyed that I am asking so many questions?
BeyondTrust recently conducted a survey on privileged access management practices. What came out of the study was what we call the 5 Deadly Sins of Privileged Access Management. Outside of statistics affirming the stance of privileged access management within most organizations, the survey actually identified user behavior that contributes to many data breaches.
For Cybersecurity Awareness Month, There is a Direct Correlation
If you have done nothing to improve your cybersecurity posture so far this month, why? Is it greed, ignorance, apathy, pride, and envy? Seriously, if you:
- Have not removed admin rights to secure systems you might be greedy
- Are unaware that reusing the same password on multiple systems is a threat, you may be experiencing ignorance
- Think an attack cannot happen to you, you may be exhibiting pride
So, I will ask again, why are you not embracing Cybersecurity Awareness Month seriously and making the necessary changes?
The Outcome of this Month is to Raise Awareness
BeyondTrust understands it is difficult to change user behavior. Changing, teaching, and even gathering relevant facts is required to convince people of the need. Consider this month a time to reflect on human traits. Ask yourself how can I improve, and if needed, consider the survey we just completed. The results should help communicate why this month is so important and why we all need to change.
Morey J. Haber, Chief Security Officer, BeyondTrust
Morey J. Haber is the Chief Security Officer at BeyondTrust. He has more than 25 years of IT industry experience and has authored four books: Privileged Attack Vectors, Asset Attack Vectors, Identity Attack Vectors, and Cloud Attack Vectors. He is a founding member of the industry group Transparency in Cyber, and in 2020 was elected to the Identity Defined Security Alliance (IDSA) Executive Advisory Board. Morey currently oversees BeyondTrust security and governance for corporate and cloud based solutions and regularly consults for global periodicals and media. He originally joined BeyondTrust in 2012 as a part of the eEye Digital Security acquisition where he served as a Product Owner and Solutions Engineer since 2004. Prior to eEye, he was Beta Development Manager for Computer Associates, Inc. He began his career as Reliability and Maintainability Engineer for a government contractor building flight and training simulators. He earned a Bachelor of Science degree in Electrical Engineering from the State University of New York at Stony Brook.