I cannot think of any area of our lives or our businesses in which complacency is a strength. By definition, complacency means you are not paying attention to something. Depending on what that something is, you might end up in serious trouble. This is certainly true in our ever-evolving world of cybersecurity.
Kaspersky released its 2013 annual report last month. It contains many interesting cybersecurity highlights from which we can learn. Unless companies and individuals remain vigilant, some of these highlights will likely be highlights again in Kaspersky’s 2014 report. The report addresses the human tendency toward complacency and how dangerous it can be:
“If your organization has never suffered an attack, it’s easy to tell yourself that ‘it won’t to me’, or to imagine that most of what we hear about malware is just hype. It’s easy to read the headlines and draw the conclusion that targeted attacks are a problem only for large organizations. But not all attacks involve high profile targets, or those involved in ‘critical infrastructure’ projects. In truth, any organization can become a victim. Every organization holds data that could be of value to cybercriminals, or they can be used as a ‘stepping-stones’ to reach other companies.” (p. 7)
Human nature being what it is, it is easy to assume that your IT world and your organization’s IT world are humming along without assault, and will continue to do exactly that. This is especially true if it has never happened to you in the past. It is easy to become complacent. Unfortunately, that kind of complacency is exactly what the hackers desire. They know it eventually gives them the in.
As with all matters in life and business, be smart and be safe.