CIO Straight Talk @CIOStraightTalk
What are some ways that human factors can negate the effectiveness of cybersecurity effectiveness?

Joseph Steinberg @JosephSteinberg [CEO, SecureMySocial]
Overtraining / training people on the wrong things - focus directed to wrong areas, and important elements of security program do not receive adequate attention... #STInsights #CIOStraightTalk #CyberSecurity #InfoSec #ThursdayThoughts

Eric Vanderburg @evanderburg [VP, Cybersecurity, TCDI]
#STinsights Here are 3 ways humans negate cybersecurity: 1) Humans introduce workarounds to otherwise secure processes; 2) humans can be duped by social engineering; and 3) humans make mistakes.

Jonathan Reichental @Reichental [CIO, City of Palo Alto]
Social engineering done well is remarkably easy and negates most cybersecurity hardware and software investments. @CIOStraightTalk #STinsights

Jonathan Reichental @Reichental
For example, a hacker makes a call to an employee and pretends to be the IT Help Desk. The "fake" IT Help Desk person says that a password reset is necessary on one of their accounts for some reason and asks the employee for their password. @CIOStraightTalk #STinsights

CIO Straight Talk @CIOStraightTalk
"What sort of strategies can be used to mitigate employee-related cyber risk?"

Renju Varghese @renjuv [Chief Architect, Cybersecurity, HCL Technologies]
A very easy non-intrusive but effective CyberSecurity solution + Policy + Practice framework that is not overbearing on the Employee base along with the ease of referenceable artifacts that can be referred / consulted easily. #STinsights

Sanjay Katkar @sanjaykatkar [Co-founder and CTO, Quick Heal Technologies]
A combination of proper policies and awareness training goes a long way in mitigating this risk. Some of the strategies include a. Timely training b. Implementing access control c. Monitoring file activity d. Data Loss Prevention (DLP) & Data back up @CIOStraightTalk #STinsight