Microsoft 365 is unsafe to use in education because confidential information can be freely requested by authorities. How can you send your files...
Human factor in data security: Confident Carla
An accident is just around the corner – we all make mistakes. One might be a little more sensitive to this than the other. Mistakes make us human and these do not always have a detrimental impact. That is, until it concerns data security, because then, it becomes a completely different issue.
In this “Meet the team”-series, you will meet the employees whom are at a higher risk of making a human error and in turn pose a threat to your data security. Last week, we highlighted Stressed Sandra: the employee who is always stressed, causing her to make a mistake quite easily.
In today’s blog, meet Confident Carla: too confident for her own good and also the organization she works for. She never worries about potentially making a mistake, after all, she always does everything right the first time.
Right? Wrong, like with everyone else, things can take a turn for the worse from time to time. But, why is Carla particularly sensitive to this? Today’s blog covers exactly how and why someone like Carla can be a threat to your data security.
Carla is an HR associate at a big consultancy firm. Week in and week out, she exchanges data, provides information and maintains human resources records amongst other things. Her success has left her brimming with lots of confidence and in some cases, too much. Carla believes she is self-sufficient enough to take on everything herself. What she does not know is how her overconfident behavior can have unwanted consequences.
The dangers of overconfidence
Growing confidence is a very normal response in individuals who experience success. However, there are times that people simply overdo it and this can have a dramatic impact on your organization with regards to data security.
Now, how can overconfidence have a negative effect on data security?
- Taking too many risks. Risks cannot be avoided completely, but overconfidence can convince you to take too many of them. At a certain point, someone like Carla will not be able to control the outcome of her risky actions, which could result in a data breach/ leak.
- Inability to see mistakes. Mistakes can occur in every aspect of life, but overconfidence can make you blind to them. Carla does not perform regular security checks as she believes she never makes a mistake and always does everything right.
- Often does not pay attention to training or constructive criticism. She believes she already knows everything which leads to her missing out on potential new information regarding cyberthreats or security.
Overconfidence bias can interfere with decision-making. Carla tends to not seek help as she is convinced she is the organization’s best asset. This way of thinking leaves Carla in danger of failing to notice errors in her work process.
- She uses a single password across all work-platforms as she is confident her password is strong enough to be used more than once.
- She shares sensitive HR-records without double-checking the recipient(s).
- Occasionally opts to use her personal hotspot to exchange files quicker, leaving data vulnerable to being intercepted by hackers.
How can we help Carla?
In an ever-changing cyber-landscape, employees should be vigilant and make a habit of working securely. Overconfidence can prevent persons from being aware of these threats and their potential consequences. It clouds judgment and influences actions. Since Carla does not like asking for help herself, what can we do to support her?
Many individuals unknowingly express overconfidence, whether it is verbally or in their behavior. They tend to think they know more than they really do. As a result, they tend to take on more than they initially realize they can or simply, fail to recognize their own errors.
In order to do better, Carla can make use of smart notifications that inform her prior to the action whether she is sharing the right files with the correct persons or not. In addition, a password manager that can help her generate new secure passwords she can use. Lastly, awareness training to inform her on risks, so that she takes less of these. This enables Carla to focus on her organization’s core business.
That concludes our “meet the team” series. Over the course of this Cybersecurity month, we introduced you to four common employees that can pose a threat to your organization’s data security. These individuals are present within every organization and it is important to be able to recognize the danger behind them in order to prevent data leaks. The fact remains that people are often more unpredictable than we think. We just need to know where to start!
To help you with that, we have 5 additional tips for you. Learn about them in this blog and decrease every potential risk within your organization!