From the leadership and data protection teams down to the rest of the company’s staff, the threat of a data breach is becoming a bigger concern to everyone. With GDPR and other regulatory bodies all over the world pressuring companies to report breaches, experts screaming you’re not doing enough, to a constant stream of news where companies lost more than just their data. The dread and worry of the next attack seem to be growing on fertile soil.
From where we stand, sometimes the question of handling cybersecurity is not a matter of being in a state of constant alertness. In fact, in 2023, we dare to argue that the biggest challenge is managing that state of wariness. The cybersecurity life cycle in most companies is 99% absent of threats and breaches. So, what do we do in that time frame of “peace and calm”? Do we marinate in fear of the next attack; read new GDPR regulations; double-check timelines on incident reporting; improve processes to bulletproof vulnerabilities?
In reality, probably a little bit of everything. And this mashed potato of collective state of mind might be feeding into a recent, overwhelming phenomenon.
What is FOMO in Cybersecurity?
In today’s culture, the fear of missing out, also known as FoMO, is widespread angst. Growing roots in social media, it willed its way into the lives of many people. If you’ve ever felt down for not being in the know of recent trends, information, and happenings you’ve probably been touched by FoMO. And, as with most things nowadays, with the power of viral spread, the term found a way to creep into other areas of our lives.
In the field of data security, FoMO represents a crippling phenomenon that impacts cybersecurity officers and organization leaders. The ones making sure their company is on the safe side of the cyber realm. Professionals in the cyber niche use this term to describe the all-too-common feeling people get when they become overly preoccupied with every possible threat.
This mindset, although generally a good trait for cybersecurity experts, can sometimes do more harm than good. It can increase collective feelings of distress and can even lead people to act against perceived threats that in actuality don’t exist. Therefore it’s important for businesses to recognize and address the effects of FOMO in their security operations and try to circumvent the chain of negative reactions. That’s why in this piece we’ve bundled together 5 ways that could aid your efforts to steer clear of FoMO.
3 Ways Organizations Can Avoid FOMO
#1 Know the motives behind most cyberattacks
We know this may seem daunting at first, but knowing the true reasons why most cyberattacks occur may put you at ease if approached with rationale. Loud and clear now – not every attack is malicious nor ought to get your company. Once you consider all the possible motives you’ll also start to understand the weight they carry is also offloaded substantially. Plus, knowing the reasons behind menace instills confidence in thwarting attacks.
So the question is, what do cyber attackers target mostly? According to IBM and multiple other sources, the primary motivation for most attacks is financial gain. The following money aspirations are:
- Recognition and achievement
- Resentment towards company
- Intellectual challenge
- Competitive race
Mr. Schmidt, a chief security officer at Amazon, says it helps to build cyber defenses around four related motivations: ego, money, ideology, and coercion. These four also align well with the items in the bulleted list. Why is this important and how’s it giving you the piece of mind? Well, most attacks your company is at risk of probably funnel down to a single area.
When driven by financial gains, the patterns these hackers tend to abide by are mostly easier to figure out. They tend to breach the parts of the system that helps them obtain data. Or, most of them – according to Schmidt – also use their computing units for other purposes like mining cryptocurrencies.
Certain reports that exist in cyberspace allude that a big portion of all breaches happens internally, as well. One such comprehensive study done by Verizon shows that 34% of all breaches were in-house threats. Knowing the insider risk is there – and potent – helps security professionals to better cover the most critical ground. Instead of just spying for unusual, erratic behavior, well-founded efforts also include taking care of off-boarding protocols, consolidating privileged rights based on trust level, remote access, and employee cyber training.
#2 Speaking of employee training…
For companies of all profiles, it’s important to not only safeguard against the ways in which intruders can gain access to data. Protecting and educating your employees from cybercrime is high up there too. Before we go into some of the tips top-tier companies are using to train their employees, first let’s bring awareness to what types of employees are most prone to malicious attempts.
According to the Multiple Mediation Analysis done by the University of Strathclyde, these traits include extraversion, agreeableness, conscientiousness, short-temperedness, openness to new experiences, and impulsiveness. By being aware of these praiseworthy traits in your people you can take steps to educate and protect your employees, ultimately providing ease of mind for both you and your entire workforce. With proper education and awareness, your employees can learn how to identify and prevent risky conduct online so to prevent attacks from ever occurring.
- Encouraging taking care of devices without the blame. The loss or theft of devices was involved in 21% of the breaches as reported by global security decision-makers. Keep in mind that preventative behavior, instead of pointing fingers, is desired to keep these numbers lower.
- Teaching without showing fear. Show your employees how to spot suspicious activity: unknown apps on devices, pop-ups during startup, low performance on laptops, new browser extensions, etc.
- Training everyone but especially your top management. They tend to have more access to sensitive information and direct damage to them might have worse aftermath for the company’s reputation and balance sheets.
- Organizing regular training sessions with a lighter tone. You need your employees on the lookout but you also don’t need them to panic. Consider a lunch and learn option or use lighter case studies and examples.
- Never, never discouraging employees from raising a red flag. Even if it’s a false warning, the last thing companies would want here are employees who are ashamed to speak up.
- Explaining regulations. Each regulatory body in the world approaches the subject with a slight difference. Teaching your employees about the one that affects your business – like GDPR or CCPA – goes a long way.
#3 Approaching risk methodologically instead of emotionally
One of the issues FOMO-affected cyber teams indulge in is over-monitoring. This behavior, shaped by the constant fear of the possibility of threat, tends to hurt cybersecurity more than it contributes. In turn, instead of focusing on a methodological approach to security, they tend to be on the lookout for indicators and signs of possible attacks, review past breach episodes to exertion, and so forth.
Security professionals, regardless of the possible faults in specific methodologies – and you’re probably first to understand each one is faulty to a degree – should mostly abide by them. They were made by experts to help fend off threats and bring ease of mind to organizations. If the one they use satisfies the company’s current security appetites, it might be best to rely on its efficacy.
These methodologies are usually shaped to analyze the tactics, techniques, and procedures of a threat actor to help them in counterintelligence efforts. TTP-based approaches are known to correlate an attack to a known hacker or threat group and help everyone better understand a malevolent framework. Especially if that “everyone” is not a first-rate cybersecurity expert. Methodological approaches provide a structured path for professionals to navigate through the investigation process, enabling them to effectively identify the source of the threat and the attack vectors being used. By using one of the cybersecurity methodologies in their threat modeling activities, security professionals can gain a more complete understanding of the severity of the threat and develop effective incident response and threat mitigation strategies.