Specifically, 68% of interviewees are concerned about cloud applications and data being targeted by malware, ransomware, and phishing attacks. 55% are not confident that cloud security is properly configured, but 59% believe they have appropriate control processes and policies in place to protect the cloud. About one in three respondents said it was difficult to properly train employees in cybersecurity.
end user under attack
Keri Pearlson, executive director of the MIT research consortium Cybersecurity at MIT Sloan (CAMS), says the weakest link in any IT security strategy will always be people. CAMS studies organizational, management, and strategic issues in the cybersphere. “It only takes one person to click the wrong email, click the wrong link, or install the wrong program and infect your system. Everyone, everyone who interacts with the system can be a potential point of vulnerability,” says Perlson.
More than 99% of system security measures are typically handled in the backend by IT, but a small fraction of security threats for which users are responsible account for nearly 19 out of 20 cyberattacks, Salvi said. says Mr.
“They all start with phishing emails,” says Salvi. “They’re trying to get the keys instead of unlocking them.” The Covid lockdown left end his users in a position to suffer more and security strategies were quickly adapted.
In contrast to traditional end-user security models, a user’s first sign-in to a Zero Trust environment (whether confirmed by fingerprint, face scan, or multi-factor authentication) is not the end of surveillance . Once in, Zero Trust will follow users carefully when they are having a cyber day to make sure they aren’t doing anything malicious and that they aren’t accidentally clicking links that open the door to hackers. Except for occasional re-authentication requests, users won’t notice Zero Trust unless Zero Trust decides they can’t trust you and locks you out of where you want to go.
“We don’t have to rely on the user to do the right thing for security to work,” says Salvi. “You don’t have to remember complex passwords, change them every three months, or be careful about what you download.”
Download the full report.
This content was created by Insights, the custom content division of MIT Technology Review. It was not written by the editorial staff of MIT Technology Review.