{"id":1481,"date":"2018-04-30T12:09:36","date_gmt":"2018-04-30T16:09:36","guid":{"rendered":"https:\/\/solutionsreview.com\/security-information-event-management\/?p=1481"},"modified":"2018-04-30T12:09:36","modified_gmt":"2018-04-30T16:09:36","slug":"employees-and-cybersecurity","status":"publish","type":"post","link":"https:\/\/solutionsreview.com\/security-information-event-management\/employees-and-cybersecurity\/","title":{"rendered":"Breaches Aren&#8217;t Inevitable: Employees and Cybersecurity"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" class=\"alignleft size-full wp-image-1062\" src=\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2017\/10\/Untitled-1.jpg\" alt=\"employees and cybersecurity\" width=\"800\" height=\"350\" srcset=\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2017\/10\/Untitled-1.jpg 800w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2017\/10\/Untitled-1-300x131.jpg 300w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2017\/10\/Untitled-1-768x336.jpg 768w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2017\/10\/Untitled-1-600x263.jpg 600w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2017\/10\/Untitled-1-617x270.jpg 617w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2017\/10\/Untitled-1-180x79.jpg 180w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2017\/10\/Untitled-1-400x175.jpg 400w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Jane Austen made some very sarcastic proclamations on universally acknowledged truths, but in the digital age there is only one agreed-upon reality: nobody is safe online.<\/span><\/p>\n<br \/>Widget not in any sidebars<br \/>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">This is one of those lessons we as an online society have learned, relearned, and yet never seem to fully absorb: nobody, and no enterprise, is safe from the machinations and wrath of digital threat actors. Between the data breaches at Yahoo!, Equifax, Panera, Lord &amp; Taylor, etc., cybersecurity professionals have had plenty of opportunities to remind us of the realities of cybersecurity. Our data is in constant peril, and enterprises need to treat cybersecurity as a top business priority. The consequences otherwise, we\u2019re told, could be disastrous&#8230;perhaps more so than the disasters we\u2019ve seen in the past. <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">On the one hand, these reminders of the need for better cybersecurity have engendered some positive changes. <\/span><a href=\"https:\/\/solutionsreview.com\/security-information-event-management\/accenture-study-ceos-taking-ownership-cybersecurity\/\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400\">CEOs are taking more initiative in cybersecurity purchasing<\/span><\/a><span style=\"font-weight: 400\"> and budgetary decisions. Enterprises are reporting they are finding threats faster than ever. Solution providers in <\/span><a href=\"https:\/\/solutionsreview.com\/endpoint-security\/gartners-2018-magic-quadrant-for-endpoint-protection-platforms-epp-whats-changed\/\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400\">endpoint security<\/span><\/a><span style=\"font-weight: 400\">, <\/span><a href=\"https:\/\/solutionsreview.com\/security-information-event-management\/1122-2\/\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400\">security information and event management (SIEM)<\/span><\/a><span style=\"font-weight: 400\">, identity and access management, and <\/span><a href=\"https:\/\/solutionsreview.com\/identity-management\/whats-changed-gartners-2018-magic-quadrant-identity-governance-administration-iga\/\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400\">identity governance and administration<\/span><\/a><span style=\"font-weight: 400\"> are constantly innovating to provide the next steps in cybersecurity. \u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">On the other hand, the relationship between employees and cybersecurity hasn\u2019t changed at all. This is a problem. We\u2019ve written the phrase over and over again, yet only because it remains true regardless of the size or industry of your enterprise: your employees are your largest attack vector. Their online behavior and actions will determine whether your security information and event management (SIEM) solution or any other cybersecurity solution stays seaworthy or sinks. If your employees and cybersecurity remain at odds, it won\u2019t matter what solution you deploy. That\u2019s why <\/span><a href=\"https:\/\/www.infosecurity-magazine.com\/opinions\/five-gotcha-msps\/\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400\">phishing attacks<\/span><\/a><span style=\"font-weight: 400\"> have seen an increase in 2017, with over a million new variants arising. \u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">According to our interview with <\/span><a href=\"https:\/\/solutionsreview.com\/identity-management\/talking-identity-security-identiverse-richard-bird-optiv-inc-part-2\/\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400\">Richard Bird of Optiv<\/span><\/a><span style=\"font-weight: 400\">, the relationship between employees and cybersecurity can best be described as \u201ccavalier.\u201d Older employees whose generation first developed the modern internet often choose to sacrifice cybersecurity best practices for expediency and profit. Younger employees, who grew up in a digital culture, often resign themselves to a lack of privacy and the inevitability of data breaches. They express a carefree, \u201cwhy worry?\u201d attitude that could cost your enterprise millions in financial damages. <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Here\u2019s the thing: suffering a cybersecurity breach is not a foregone conclusion. One of the (only) positive things about the<\/span><a href=\"https:\/\/solutionsreview.com\/endpoint-security\/numbers-armors-black-market-report-look-inside-dark-web\/\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400\"> black market proliferation<\/span><\/a><span style=\"font-weight: 400\"> of hacking tools and software is that the hacking community is now encouraging inexperienced newcomers to try their hand at illicit digital activity. Deploying a basic security information and event management (SIEM) solution and an endpoint security solution will scare those hackers off. Those tactics can even scare more experienced hackers into trying another target. \u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">The reason why is simple. Hackers are human. Humans tend to look for the easiest option and routes when faced with a problem. Hackers obey this principle more than anyone. A hacker could spend hours and hours bypassing and concealing themselves from an enterprise\u2019s security information and event management (SIEM) solution. Alternatively, they could simply move on to a different enterprise with a far weaker SIEM solution or no cybersecurity platform whatsoever. In all but the rarest cases, hackers will pick the latter option. <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">The overall point of this article\u2014the grand theme behind it\u2014is that we need a shift in the discourse surrounding digital threats to improve the relationship between employees and cybersecurity best practices. Focusing on how inevitable breaches are in all of our discussions may only be encouraging employees to act recklessly. A change in how we discuss the problem and the solution might make all the difference: \u201cBreaches can be devastating, but if we follow best practices, we can stop all but the most serious hackers.\u201d <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">This new attitude needs to be reinforced via <\/span><a href=\"https:\/\/solutionsreview.com\/endpoint-security\/gamification-can-improve-enterprises-cybersecurity\/\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400\">educational efforts<\/span><\/a><span style=\"font-weight: 400\">, and it needs to be the attitude encouraging employees to learn how to recognize phishing attacks or how their digital activities can affect your enterprise\u2019s digital safety. The change in attitude, as well as more effective educational approaches, could make the training efforts more effective. Hope breeds hope, just as hopelessness breeds more of itself. \u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Hacks and breach attack may plague your enterprise. Phishing might clog your email accounts. Your network might be bombarded. But with knowledge and with positivity, your employees and cybersecurity can work in tandem for you. Your employees can hold the line for your SIEM solution to do its work. \u00a0\u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\"><br \/>Widget not in any sidebars<br \/>\u00a0<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Jane Austen made some very sarcastic proclamations on universally acknowledged truths, but in the digital age there is only one agreed-upon reality: nobody is safe online. This is one of those lessons we as an online society have learned, relearned, and yet never seem to fully absorb: nobody, and no enterprise, is safe from the [&hellip;]<\/p>\n","protected":false},"author":41,"featured_media":1062,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[551],"tags":[95,145,112,86,21,22],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Breaches Aren&#039;t Inevitable: Employees and Cybersecurity<\/title>\n<meta name=\"description\" content=\"The relationship between employees and cybersecurity hasn\u2019t changed at all. This is a problem. Employees are your largest attack vector.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/solutionsreview.com\/security-information-event-management\/employees-and-cybersecurity\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Breaches Aren&#039;t Inevitable: Employees and Cybersecurity\" \/>\n<meta property=\"og:description\" content=\"The relationship between employees and cybersecurity hasn\u2019t changed at all. This is a problem. Employees are your largest attack vector.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/solutionsreview.com\/security-information-event-management\/employees-and-cybersecurity\/\" \/>\n<meta property=\"og:site_name\" content=\"SIEM Tools &amp; Security Event Management | Solutions Review\" \/>\n<meta property=\"article:published_time\" content=\"2018-04-30T16:09:36+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2017\/10\/Untitled-1.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"800\" \/>\n\t<meta property=\"og:image:height\" content=\"350\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Ben Canner\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Ben Canner\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/employees-and-cybersecurity\/\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/employees-and-cybersecurity\/\",\"name\":\"Breaches Aren't Inevitable: Employees and Cybersecurity\",\"isPartOf\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/employees-and-cybersecurity\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/employees-and-cybersecurity\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2017\/10\/Untitled-1.jpg\",\"datePublished\":\"2018-04-30T16:09:36+00:00\",\"dateModified\":\"2018-04-30T16:09:36+00:00\",\"author\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541\"},\"description\":\"The relationship between employees and cybersecurity hasn\u2019t changed at all. This is a problem. Employees are your largest attack vector.\",\"breadcrumb\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/employees-and-cybersecurity\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/solutionsreview.com\/security-information-event-management\/employees-and-cybersecurity\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/employees-and-cybersecurity\/#primaryimage\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2017\/10\/Untitled-1.jpg\",\"contentUrl\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2017\/10\/Untitled-1.jpg\",\"width\":800,\"height\":350,\"caption\":\"FireEye and Mandiant Security Validation Find Limited Cybersecurity Effectiveness\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/employees-and-cybersecurity\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/solutionsreview.com\/security-information-event-management\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Breaches Aren&#8217;t Inevitable: Employees and Cybersecurity\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#website\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/\",\"name\":\"SIEM Tools &amp; Security Event Management | Solutions Review\",\"description\":\"Evaluating Enterprise SIEM Systems, Log Management Analytics &amp; SOAR Platforms.\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/solutionsreview.com\/security-information-event-management\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541\",\"name\":\"Ben Canner\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g\",\"caption\":\"Ben Canner\"},\"description\":\"Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/author\/bcanner\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Breaches Aren't Inevitable: Employees and Cybersecurity","description":"The relationship between employees and cybersecurity hasn\u2019t changed at all. This is a problem. Employees are your largest attack vector.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/solutionsreview.com\/security-information-event-management\/employees-and-cybersecurity\/","og_locale":"en_US","og_type":"article","og_title":"Breaches Aren't Inevitable: Employees and Cybersecurity","og_description":"The relationship between employees and cybersecurity hasn\u2019t changed at all. This is a problem. Employees are your largest attack vector.","og_url":"https:\/\/solutionsreview.com\/security-information-event-management\/employees-and-cybersecurity\/","og_site_name":"SIEM Tools &amp; Security Event Management | Solutions Review","article_published_time":"2018-04-30T16:09:36+00:00","og_image":[{"width":800,"height":350,"url":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2017\/10\/Untitled-1.jpg","type":"image\/jpeg"}],"author":"Ben Canner","twitter_misc":{"Written by":"Ben Canner","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/employees-and-cybersecurity\/","url":"https:\/\/solutionsreview.com\/security-information-event-management\/employees-and-cybersecurity\/","name":"Breaches Aren't Inevitable: Employees and Cybersecurity","isPartOf":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#website"},"primaryImageOfPage":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/employees-and-cybersecurity\/#primaryimage"},"image":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/employees-and-cybersecurity\/#primaryimage"},"thumbnailUrl":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2017\/10\/Untitled-1.jpg","datePublished":"2018-04-30T16:09:36+00:00","dateModified":"2018-04-30T16:09:36+00:00","author":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541"},"description":"The relationship between employees and cybersecurity hasn\u2019t changed at all. This is a problem. Employees are your largest attack vector.","breadcrumb":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/employees-and-cybersecurity\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/solutionsreview.com\/security-information-event-management\/employees-and-cybersecurity\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/employees-and-cybersecurity\/#primaryimage","url":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2017\/10\/Untitled-1.jpg","contentUrl":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2017\/10\/Untitled-1.jpg","width":800,"height":350,"caption":"FireEye and Mandiant Security Validation Find Limited Cybersecurity Effectiveness"},{"@type":"BreadcrumbList","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/employees-and-cybersecurity\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/solutionsreview.com\/security-information-event-management\/"},{"@type":"ListItem","position":2,"name":"Breaches Aren&#8217;t Inevitable: Employees and Cybersecurity"}]},{"@type":"WebSite","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#website","url":"https:\/\/solutionsreview.com\/security-information-event-management\/","name":"SIEM Tools &amp; Security Event Management | Solutions Review","description":"Evaluating Enterprise SIEM Systems, Log Management Analytics &amp; SOAR Platforms.","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/solutionsreview.com\/security-information-event-management\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541","name":"Ben Canner","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g","caption":"Ben Canner"},"description":"Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.","url":"https:\/\/solutionsreview.com\/security-information-event-management\/author\/bcanner\/"}]}},"_links":{"self":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/posts\/1481"}],"collection":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/users\/41"}],"replies":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/comments?post=1481"}],"version-history":[{"count":0,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/posts\/1481\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/media\/1062"}],"wp:attachment":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/media?parent=1481"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/categories?post=1481"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/tags?post=1481"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}