The 20th anniversary of National Cybersecurity Awareness Month is an excellent reminder that not only are cyber threats still a serious issue, but they have also grown and become more sophisticated. Thankfully, protecting ourselves online has been made easier than ever with the adoption of new technologies to authenticate our identities and growing research into how to leverage the tools available to us. As the Chief Information Security Officer (CISO) for the Department of Commerce, I work closely with the cybersecurity experts at the National Institute of Standards and Technology (NIST). These experts are at the forefront of cybersecurity research.
One consistent theme you’ll hear from NIST and other cybersecurity experts is how human psychology can be exploited by cyber criminals to compromise our accounts. However, research into how we interact online has shown us several straightforward steps we can take to minimize the risk of common behaviors proven to be insecure.
Over the last few years, we’ve seen this research help us better understand one of the first things that comes to mind when we think about online safety–passwords. Previously, the conventional wisdom was to create passwords using special characters, capitalization, numbers, letters, and a variety of arbitrary rules including forcing you to change your password multiple times per year. Research shows each of us did the same thing in response–re-used passwords or created variations of the same password because we’d been asked to memorize dozens of unique passwords for every site, log-in, or application.
Our natural instincts created a weakness in our online security and cyber criminals took advantage. Research on the use of passwords has demonstrated the inherent weakness in expecting users to m ..
Support the originator by clicking the read the rest link below.
