Humans have long been regarded as the weakest link in cyber security, but flawed design, rather than humans, could in fact be the weakest link.
This is according to Christine Bejerasco, CISO at WithSecure, who says technology design often focuses on how the technology will be used, without considering how it could also be misused by threat actors.
Speaking ahead of the ITWeb Security Summit 2024, Bejerasco says there are numerous examples of technologies built in the past that allowed malware to penetrate and spread. “We have learned that whenever there are technologies, threats will always follow,” Bejerasco says.
Technologies and processes must be secure by design – built to be resilient to human error, she says. “Building too quickly, and focusing on quantity over quality can increase risk,” she says.
She adds that thorough training should be introduced to empower developers, finance, HR, legal and other specific roles to see the vulnerabilities in their departments through the eyes of an attacker.
Christine Bejerasco will present a talk at the summit entitled ‘Secure by design: Building for the user with a security mindset.’ Her presentation will outline how to deliver technologies and processes that are both user-friendly, and also raise the bar for security.
The ITWeb Security Summit 2024 will take place at the Sandton Convention Centre on 4 and 5 June. For more information and to register for this event, go to https://www.itweb.co.za/event/itweb-security-summit-2024/
Share