Attitudes towards cyber security: We trust the internet too much

Written By Charlotte Page

When it comes to cyber security, too many people adopt a “she’ll be right” attitude. So, we ask you this:

Would you be concerned if a stranger gained access to every piece of information on your devices? 

We’re talking everything! From bank statements to photos, confidential business emails to personal information like your DOB and address. 

A recent webinar hosted Cyber Security Academic & Advisor, Jongkil Jeong, and LogMeIn/LastPass Senior Manager and Account Executive, Lloyd Evans, touched on a multitude of important cyber security points. One in particular stood out to us: 

People have too much trust in the internet. 

In Joeng’s belief, this is one of the leading issues as to why people don’t take cyber security seriously. An example is ticking the T&C’s and never actually reading them. He makes another interesting point:

Do you think of cyber security as an industry? 

This is another issue because cyber security is in fact an activity and requires a behavioural shift to mitigate the associated risks.

bigstock-Cyber-Security-And-Digital-Dat-322470088.jpg

Cognitive dissonance is a real issue when it comes to cyber security, in particular password security. The attitudes and behaviours towards online safety require a massive shift and the crazy part is, people know what it takes to be safe online, they just can’t be bothered making the shift. 

Here’s why this might be… 

There’s 4 key components Jeong identified that impact a person’s decision to adopt a specific behaviour. They include: 

  1. Performance expectancy - If I adopt this, how much will it benefit me?

  2. Effort Expectancy - How easy is it for me to adopt this behaviour?

  3. Social Influence - What is the general consensus? What are people saying about this technology?

  4. Facilitating Condition - Will it do what it says it will do? 

If these 4 elements are absent in the process of adopting cyber security procedures, attitudes and behaviour are hard to change. Multi-Factor Authentication (MFA) was used as an example in the webinar. They’ve nailed the effort expectancy part because it’s easy to implement, but failed to address the performance expectancy. Do people really know how MFA can benefit them? Most likely not.

The performance expectancy aspect should however not be underestimated and is the first vital step in changing behaviours and ‘lazy’ attitudes towards cyber safety. We need to first understand why we need something in our lives to adopt the behaviour. If we don’t know the ‘why’, there’s no reason to make a change.

It’s no doubt a time investment to implement cyber security activities, but time worth spent. We challenge you to start today, and if you’re not sure how, we’re always here. 




Charlotte Page
Previous

Eaglecrest named Top 10 in Australia
Next

Microsoft Flight Simulator