The Human Factor in Cybersecurity<\/p>\n\n\n\n
By<\/p>\n\n\n\n
FELIPE GONZALEZ<\/p>\n\n\n\n
As long as we are not run or conquered by SkyNet or AI, and the human factor is<\/p>\n\n\n\n
involved in maintaining or creating cyber infrastructures, there will always be room for<\/p>\n\n\n\n
error. The struggle and budget to maintain safe networks will only climb up in cost,<\/p>\n\n\n\n
cyber criminals are getting smarter and technologies just keep evolving. One of the<\/p>\n\n\n\n
disadvantages people believe we have, is that criminals don’t necessarily have a budget<\/p>\n\n\n\n
to worry about, like companies do.<\/p>\n\n\n\n
Again, not only Cyber criminals might have the upper hand, but sometimes the<\/p>\n\n\n\n
attacks come from within. As long as there is a human factor involved there will always<\/p>\n\n\n\n
be risk. All personnel need to understand the risks associated with threats, and need to<\/p>\n\n\n\n
know how to follow protocols if infiltrated. Implementing these guidelines will minimize <\/p>\n\n\n\n
vulnerabilities in the workplace, change isnot easy, and many might not like it, and as such <\/p>\n\n\n\n
need to evolve and adapt as a whole to be able to fight any threats.<\/p>\n\n\n\n
Every person is as important as the next, cybercriminals don’t care who you<\/p>\n\n\n\n
really are, all they are looking for is for a weakness and a vulnerability to have access<\/p>\n\n\n\n
to, but as we all prepare for this journey in training, you are all going to be prepared for<\/p>\n\n\n\n
anything.<\/p>\n\n\n\n
Avoiding Human Error <\/strong><\/p>\n\n\n\n 1-New security awareness training and live fire exercise drills to be implemented and<\/p>\n\n\n\n supervised by a lead on a bimonthly basis. Cyber training must be completed as<\/p>\n\n\n\n scheduled, no exceptions.<\/p>\n\n\n\n 2- Passwords for all logins will have a new standard, and will have to be changed every<\/p>\n\n\n\n 60 days.<\/p>\n\n\n\n 3- All policies will be revised and updated.<\/p>\n\n\n\n 4- Access control will be implemented: Administrators will manage roles and users. Only<\/p>\n\n\n\n need to know access restrictions will be implemented. This will help identify personnel<\/p>\n\n\n\n better, control accesses, control personnel access if laid off.<\/p>\n\n\n\n 5- Two factor authentication and background checks will be implemented for personnel<\/p>\n\n\n\n needing access to sensitive information and financials..<\/p>\n\n\n\n 6- Security guard will be added for access control.<\/p>\n\n\n\n 7- No remote working on sensitive information will be permitted on personnel devices.<\/p>\n\n\n\n Cyber Securities <\/strong><\/p>\n\n\n\n 1- Inventory of all assets and asset management: this will help discover unauthorized<\/p>\n\n\n\n devices connected to our systems, and will locate device locations in the network.<\/p>\n\n\n\n 2- Update all software, patches and firewalls on all assets: create a schedule for all<\/p>\n\n\n\n upcoming updates.<\/p>\n\n\n\n 3- Implement network segmentation.<\/p>\n\n\n\n 4- Check all physical systems, hardware and wiring to ensure hardware and or assets to<\/p>\n\n\n\n check they are in good condition and not in need of replacements.<\/p>\n\n\n\n 5- The IT department will be trained and will implement an incident response team that<\/p>\n\n\n\n will train and be responsible for handling any security incident timely and effectively.<\/p>\n\n\n\n 6- No uploading of any apps into the system is permitted, to include AI without proper<\/p>\n\n\n\n authorization.<\/p>\n\n\n\n Conclusion<\/strong><\/p>\n\n\n\n This will be the start of many changes to be, if we come together as a team we<\/p>\n\n\n\n can protect ourselves from outsider and insider threats, policing ourselves can prevent<\/p>\n\n\n\n inadvertently disclosing sensitive information. We must invest ourselves in cybersecurity<\/p>\n\n\n\n awareness, training and educating ourselves about common threats, security protocols<\/p>\n\n\n\n and best practices in the workplace.<\/p>\n\n\n\n We as a whole should be empowered to report suspicious activities, every single<\/p>\n\n\n\n one of you plays a vital role in maintaining a secure environment. By being vigilant and<\/p>\n\n\n\n supporting each other, we can protect and detect if someone is being emotionally<\/p>\n\n\n\n manipulated and try to gain access to compromise our network securities.<\/p>\n\n\n\n Resources:<\/strong><\/p>\n\n\n\n Brian K. Payne(2018). \u201c White-Collar Cybercrime: White-Collar Crime, Cybercrime, or Both\u201d. Criminology, Criminal Justice, Law & Society, 1-17.<\/p>\n\n\n\n Brian K. Payne, & Lora Hadzhidimova. \u2018Cybersecurity and Criminal Justice: Exploring the intersections\u201d. INPRESS at International Journal Of Criminal Justice Sciences. 1-18.<\/p>\n\n\n\n Edward Kost, UpGuard Inc (2024) \u201cHuman factors in cybersecurity in 2025\u201d. Retrieved 28 March 2025, from: https:\/\/www.upguard.com\/blog\/human-factors-in-cybersecurity#:~:text=Human%20cyber %20risk%20refers%20to,internal%20information%20to%20unauthorized%20persons<\/a><\/p>\n\n\n\n SecurityScorecard, Learning Center Blog, public (2024), \u201c The Human Factor in Cybersecurity\u201d. Retrieved 28 March 2025, from: https:\/\/docs.google.com\/document\/d\/1qw55h_cgM3aaJpwKa0KHkP5gcQY7kfVgTL1lVh GZqGo\/edit?tab=t.0<\/a><\/p>\n","protected":false},"excerpt":{"rendered":" The Human Factor in Cybersecurity By FELIPE GONZALEZ As long as we are not run or conquered by SkyNet or AI, and the human factor is involved in maintaining or creating cyber infrastructures, there will always be room for error. The struggle and budget to maintain safe networks will only climb up in cost, cyber… <\/p>\n