Welcome to the SecAware blog

I spy with my beady eye ...

30 Jun 2013

"Bloopers", a brand new security awareness module

We're only human.  None of us is perfect – we all make misteaks (some more than most!).  

Most of the time we get away with them, but the odd moment’s inattention sometimes leads to a little accident and, in rare cases, causes something far more serious.

Researching the topic and writing July's NoticeBored security awareness module was quite entertaining at times.  Even the very words we use tend to raise a smile - blooper, boo-boo, boob, gaffe, gotcha, blunder and so on.  For those not directly impacted, human errors such as actual slip-ups can be hilarious.  There are popular TV programs and YouTube channels devoted to this stuff.  

On the other hand, the 2 micron error that nearly wrecked NASA’s Hubble Space Telescope was outrageously expensive and not funny at all, while the ‘Weapons of Mass Destruction’ intelligence error that led to the Iraq war is deadly serious, not in the least bit amusing.  With such a huge variety of bloopers to draw upon, we were truly spoiled for choice.

We built July's staff seminar around the infamous story of HMS Titanic, highlighting a litany of human errors, bad decisions and other information integrity issues that contributed to the loss of over 1,500 lives.  

In the commercial context, errors and gaps within business information, plus mistakes made in interpreting and acting upon it, lead ultimately to the success or demise of the corporation.  Some can have societal impacts.  To take a recent example, the sub-prime mortgage fiasco that sparked a global economic crisis could be ascribed to severe errors of judgment by the banking industry and its regulators.  

It’s a common problem, well known to the psychologists who study gamblers.  So long as things are going well, there is a natural human tendency to “push our luck”.  Couple that with raw greed and shortsightedness, and it’s surely only a matter of time before the walls come crashing down.  

A security awareness module, no matter how creative and engaging, won’t change human nature overnight but being aware of the issue is a good start on the road to doing something positive about it.  We know of no better tool to shift the corporation from an ingrained culture of carelessness and mediocrity to one of quality and genuine, widespread concern for information integrity.


No comments:

Post a Comment