Psychology of Security

People by nature are quantitative. Meaning, people would believe a fact if the parameters of the fact were exactly defined. And when it is, they scrutinize it even further by asking about the basis of how the parameters were considered or under what maximum circumstances were these facts tested or tolerated.

 

People always find a loophole whether or not the scrutiny is triggered by knowledge or ignorance.

 

Sizing up what is indefinite in the field of cyber science, like projected risk exposure budgets, risk recovery figures, and intensity of cyber security know how, not to mention having to recommend what proper action needs to be done to prevent, recover or mitigate a cyber attack, is a challenging role. Not all people are open minded about including IT maintenance costs in their business budget ahead of time, so that proper infrastructure or network check ups can be done to avoid higher recovery costs in the event an unsuspecting cyber attack occurs.

 

Preparing one’s business before a sudden unrecoverable cyber attack is like having to decide if a baby will be immunized early in life. Similar to taking care of a baby before the baby becomes sick, you have to increase the body’s defenses early so that when a sudden sickness comes about, the body has enough defenses to mitigate and recover from the external force. Ignoring these possible sicknesses amidst blatant viral or bacterial exposure will lead to higher hospital bills or even fatality in the case that the meager defenses of the baby’s body can no longer hold up. If your business was like a baby, would you not do everything to ensure that it grows healthily, knowing that every day, exposure to external factors are always at hand? You know that there are a lot of diseases that can happen to a child, especially if they are left unprotected by immunization, healthy food and healthy environment. So if you heed precaution, the growth will be a healthy success. And if you don’t, well, you may have saved a few dollars from the start by not taking immunization into consideration, but in the event the baby becomes sick, recovery may be void.

 

Simply put: Why is there a need to look deeper into your cyber risk status?  We created an infographic that helps explain your understanding of why we may act in a manner that is contrary to what we should do.

This is generally how the brain works when faced with the concept of cyber network and infrastructure health.

 

Less is more. More is less.

Computers have upended many things(where else can more capabilities cost less year after year?) including now in the security area.  As more people connect to the Internet, more business is possible (more sales) but the risk increases as more criminals also connect and learn how to perform hacks so they can make money.

Unfortunately as more people connect higher risks and higher costs in Cybersecurity are mandatory just to keep up.

Look at this slide from VISA seminar:

It is not like the industry is staying still(payment card industry)… but as time goes on more data is at higher risk. this chart has a cost built-in.

 

Focus on the positive health impact to your business (just like a babies health) to gain more and for your projected IT maintenance budgets to be sufficient. The more defense, the lesser the risk. The higher opportunity of ignoring what is needed in your business technologically, will eventually lead to losses in the event that a cyber attack occurs due to limited defenses. Preparing ahead and thinking ahead no matter how undefined or developed the cyber diseases shall be, if you are taking care of your technological health properly, then you can expect constant growth to your company.

Contact Us to discuss risk assessment analysis for your business.