For a long time now, people (employees, users) have been touted as ‘the weakest link’ because of the tendency to make mistakes or try to bypass cumbersome processes, with no malicious or criminal intent in mind,” says Anthony Lim, Senior Cybersecurity Advisor, Asia Pacific, for Frost & Sullivan and Vice-Chair for (ISC)2 Application Security Advisor Council. “Secondly, with the increasing proliferation of increasingly powerful mobile hand-held smartphone or tablet devices which are highly connected in this BYOD age, the employee/user element is becoming even more of an important element. Thirdly, hackers have increased their focus on trying to enter an enterprise network through ‘soft’ targets (i.e. users and employees) rather than just trying to attack the servers, switches and networks directly by using techniques such as phishing, malware, social media-borne attacks and social engineering.”
He adds, “Hence, it has always been paramount that employee awareness and education be first in mind in the fight to maintain enterprise cybersecurity and minimize risks therein.”