[If you are a routine kind of person, stop reading here. If you consider yourself to be less bland, I challenge you to read to the end.]
The other day, I asked my sailboat racing colleague, the skipper of Dutchman and ULDB class winner in last year’s SB2KH race, “It looks like there's a lot of wind ‘outside’ for this year’s SB2KH race, what’d you think about heading towards Santa Barbara Island after Anacapa, hooking past the West End of Catalina, then heading in towards King Harbor?” His remark sort of stuck with me. He said, “In this race, staying ‘outside’ is death.” Presumably, he meant that you're sure to get becalmed in the night light air and swirling currents if you hang around Santa Barbara Island and the West End of Catalina in the SB2KH race downwind. “Head ‘inshore’ to Point Dume, sure bet!”
Whether Dutchman is right or wrong, or changes strategy in this year’s epic 90-miler July 28th race from Santa Barbara to King Harbor, the point that struck me is just how routine this sounds.
Are YOU a routine kind of person?
Do you look to park in the same spot when you arrive at your favorite spot? Do you like the same seat at your favorite bar or restaurant? When you order fish and chips, do you stick with dipping it in either ketchup or tartar sauce, either-or but not both, every time? When you order pizza or ice cream, do you stick with your “typical” flavors?
My conclusion from this line of thinking is that the human species likes routine (of course, there are anomalies, but even Evel Knievel stuck to his routine ramp-to-ramp motorcycle jumps…). Why are we humans routine-oriented? My first anthropological hypothesis is that we humans subconsciously look to minimize risk. If you’ve done it one way before and survived, you glean some comfort (subconscious) in knowing that if you do it again the same way, the same seat at the bar, the same parking space, the same pizza toppings, the same route, you’re likely to have an expected outcome that you are likely to be comfortable with. Human-esque risk mitigation.
Adding to this explanation, Kahneman and Tversky's theory on heuristics provides a behavioral explanation for this attitude. We humans often rely on heuristics or mental shortcuts to make decisions and assess risks. This unconscious bias towards familiarity and routine extends to businesses' approach to cybersecurity, leading to a complacency that can have severe consequences.
The Representativeness Heuristic and Cybersecurity:
The Representativeness heuristic, as proposed by Kahneman and Tversky, comes into play. This heuristic involves judging the probability of an event by comparing it to our mental prototype of that event. Many businesses, particularly smaller ones, might believe that cyberattacks mostly target large corporations or government institutions because these high-profile attacks often dominate the news. If a business doesn't fit this perceived 'prototype' of a cyberattack victim, it may wrongly conclude that it's unlikely to be targeted. This misconception further encourages the idea that "it will not happen to them".
The Availability Heuristic and Cybersecurity:
Additionally, the Availability heuristic explains that individuals estimate the likelihood of an event based on how easily instances or occurrences can be brought to mind. When it comes to cybersecurity, many businesses might not have personally experienced a full-cycle cyberattack or data breach themselves or amongst their close acquaintances. Therefore, these threats don't readily come to mind, and the perceived likelihood of such events occurring is erroneously deemed low. This results in a casual attitude towards cybersecurity, fostering a complacent belief of the sort of “Yes, I know these things happen, but it won’t happen to me.”
Analogous to the sailing world, businesses are no different when it comes to their approach to cybersecurity. Often, they adhere to their 'routine' security measures such as antivirus, anti-spam, and email encryption. These are their familiar 'harbor bar seat' or 'usual pizza toppings'. While these measures are important, they may not be sufficient in the current cybersecurity landscape. Cybercriminals, like the ever-changing winds and currents of the open seas, are continuously finding more advanced ways to attack.
To add numbers to this narrative, let's consider this: according to the FBI's IC3 2023 report, losses in 2022 from ransomware attacks (which are often defeated with 'routine' security measures) only amount to 37 million dollars, while Business Email Compromise (BEC) attacks add up to a staggering 2.7 billion dollars. What does this tell us? Cybercriminals are moving beyond the 'routine' attacks and getting more creative, just like how a seasoned sailor might choose an unconventional route to outsmart the competition.
In the realm of cybersecurity, stepping out of your routine means adopting innovative solutions. Here's a quick look at three powerful tools offered by RMail:
So, whether you're setting sail for an adrenaline-filled race or navigating the complex digital landscape of your business, remember - breaking from routine isn't just exciting, it's often necessary for survival. Don't stick to the same old routes and strategies; dare to explore new ones. After all, in this ever-evolving world of cyber threats, staying 'inside' is indeed death. So, head 'offshore' to innovative cybersecurity solutions, a sure bet!
Contact RPost for more information on these innovative services.
November 24, 2023
November 17, 2023
November 10, 2023
November 03, 2023
October 27, 2023