Humans still present the biggest cybersecurity risk, according to Duo Security founder Dug Song, formerly a member of the elite hacker group w00w00.
Song co-founded Duo Security in 2010 and the company was bought by Cisco for $2,35-billion in 2018.
He spoke to GlobalData’s Verdict about the current security challenges facing the tech world.
“Arguably, security is getting much better, with more safety being built by default right into the things we use daily, such as our phones and tablets, and cloud services,” Song says. “As security becomes increasingly built-in, rather than bolted on, threats will continue to shift to what is softer and squishier – the user.
“Humans don’t evolve as quickly as technology, thus, a lot of those threats will continue to target people, rather than infrastructure. In today’s age of hyper-connectedness, organisations are no longer monoliths, but ecosystems of users, partners, vendors, etc.
“Thus, threats will increasingly target third parties that organisations rely on or partner with. Many of today’s breaches have been caused by risks outside of the organisation’s control, but in the scope of their dependency. Attackers will be going further and further up the supply chain and technology stack, targeting partners and vendors that organisations use.”
Song explains that the true enemy of security is complexity and the most important thing organisations can do to stay safe is simplify and get the basics right.
“To protect their users and data, organisations need to ensure they practice basic security fundamentals, which includes data encryption and backup, timely patching of software, utilising password managers, multi-factor authentication and overall device hygiene such as ensuring browsers and operating systems are up-to-date,” he says.
“Think of it like washing your hands to prevent the spread of disease rather than needing a hazmat suit.”