Cibersegurança: desafios humanos na era digital

Cybersecurity should not be seen in isolation, but rather as a synergy between three structural factors of an organization

*By João Marcos Almeida

In the digital age, human challenges have multiplied, reflecting the rapid technological transformations that impact every aspect of our lives. Constant connectivity, provided by mobile devices and the Internet, has brought undeniable benefits, but it has also generated a series of dilemmas and difficulties that require adaptation and critical reflection. Information has acquired a fundamental role for humanity and, in particular, for our society. As time goes by, the importance of this resource only grows, and today's society is often referred to as the “information society.”

This flood of information can lead to anxiety, confusion and difficulty concentrating, impairing the ability to make informed decisions. As more aspects of life move online, the line between public and private becomes increasingly blurred. The collection and use of personal data by companies and governments raises ethical and legal concerns about surveillance and control, challenging the right to privacy.

Due to the increasing interactivity of modern societies with information technologies, cybersecurity has become a critical issue. Protecting sensitive data, preserving privacy and ensuring the integrity of digital systems are fundamental challenges that affect not only individuals, but also companies and governments. However, this task is fraught with complexities and obstacles, requiring constant vigilance, adaptation and a proactive security posture in online environments. Many cyberattacks exploit vulnerabilities in access points.

Researchers and experts recognize that cybersecurity should not be viewed in isolation, but rather as a synergy between three structural factors of an organization: people, processes, and technology. Technology can only effectively protect an organization if people have the necessary knowledge and skills in relation to technology and cybersecurity. In this sense, it is crucial to focus our attention on people, since, according to recent studies from the last decade, approximately 80% of cyberattacks occur due to human weaknesses.

In the world of cyber attacks, social engineering is one of the techniques most used by hackers. This technique involves the manipulation of human behavior by malicious individuals, with the aim of violating the confidentiality, availability and integrity of data, considered the pillars of information security. It takes advantage of psychological factors to influence victims to reveal personal and confidential information, generally acting as “triggers” or gateways for cybercriminals to carry out most of these attacks. Social engineering, therefore, exploits the weakest link in the information security system: the human being.

The human factor in cybersecurity is already addressed as a public policy in many countries, and organizational culture can contribute to how employees perceive and respond to cyber threats. A culture that values cybersecurity can also promote awareness among employees about the importance of protecting sensitive information and following security practices that promote safe behaviors. Employees are often unaware of cyber threats or do not understand how their actions can impact the security of the company. Investing in ongoing and relevant training programs can help increase employee awareness and understanding of the importance of cybersecurity, not to mention that the cost of a successful cyberattack can be significantly higher than the investment required to prevent such attacks.

The vulnerability of devices, data, information and people is a central issue in the modern scenario. Cybercriminals never stop exploiting and abusing vulnerabilities in systems, in organizations' security practices and in people's behavior. It is necessary to advance research that considers the human being as a determining and vital factor in the interaction with machines and its consequences. Technology evolves, storage platforms are renewed, but the human factor cannot remain static. It is vital that people also evolve, understand and become aware of the risks and know how to protect themselves.

*João Marcos Almeida is a Think Tank researcher at ABES and a professor of management and business at the São Paulo School of Technology. He served as a Mentor for the Innovative Research in Small Businesses (PIPE) program of the São Paulo Research Foundation (FAPESP).

Notice: The opinion presented in this article is the responsibility of its author and not of ABES - Brazilian Association of Software Companies

Article originally published on the IT Forum website https://itforum.com.br/colunas/ciberseguranca-desafios-humanos-era-digital/