Users May Not Be To Blame For Security Breaches
Can users be to be blame for the security breaches that seem to be hitting nationwide? Not entirely, but they certainly seem to be the scapegoat.
Employers must be held accountable for the technology they provide their employees. If they are not supplying an adequate security solution, and patch management services, the employee cannot be blamed for that. Similarly, if the company wants information stored on a cloud based solution, they need to provide a secure, private solution. If the employer does not do so, the employees cannot be held accountable if they use public services and end up with company data breached. It is also important for employers to take the time to educate their employees on cyber security.
The point is, employers need to be held responsible for the services they are offering their employees. If they choose not to provide appropriate security services, employee training, or secure platforms how can employees be blamed for breaches? They cannot.
Professor Angela Sasse, professor of human-centered technology and director at the UK Research Institute in Science of Cyber Security at University College London, stated to ZDNet,
“In order to have a chance of improving cybersecurity in the workplace, those issuing security directives must “stop asking people to do impossible things” and placing blame on employees. If you don’t make it easy for people to do the right thing, you’re wasting money on security awareness.”