Watch this video on “The Humanity behind Cybersecurity Attacks”: https://www.ted.com/talks/mark_burnette_the_humanity_behind_cybersecurity_attacks
The speaker talks about how he was a kicker for his school football team. He talks about various factors that might affect his kicking and making that score. The same analogy goes to the cybersecurity professionals defending against attackers. These professionals do not always have the perfect conditions to defend against attacks. Provide your opinions on this statement, and ways in which the “Humans Behind cybersecurity” (both attackers and defenders) get around each other.
I agree with the speaker’s point about imperfect conditions for defending against attacks and the human factor. As people, our curiosity, trust, and generally uninformed mindset about cybersecurity create difficult conditions for information to be secure.
For attackers, they have favorable conditions that already circumvent their humanity by recognizing those flaws and then taking advantage of others. Examples mentioned by the speaker, such as scams and social engineering, are meant to take advantage of the curiosity, trust, and uninformed nature of people. However, due to defenders learning about their tactics, attackers need to constantly change their approach to getting in, but this adaptation is how attackers get around defenders.
Conversely, defenders can recognize those same flaws, but they have imperfect conditions to work with. Whether it’s uninformed employees or even mistakes by the security department, the vulnerabilities that people create will always exist and can therefore be exploited by attackers. However, strategies like penetration testing, basic security training, and strong policies can mitigate the risk of the human factor and be the defender’s approach to getting around attackers.