Many use metaphors like locks, locked doors, guards, guard houses, gates, fences… when discussing digital security. We hear about layered approaches for unstoppable foes in the hopes that we’ll discover them before they reach sensitive material. Manufacturers have advertised “self-healing” networks, which monitor configured thresholds and institute pre-determined steps upon any breach of those thresholds. There are secure designs of the physical and application layers. There are secure channels and tunnels that are encrypted. Security utilizes single- or two-factor authentication. We have identity separated from authorization. With all this “security,” why then do we still have breaches and fear of breaches?
At the heart of all this evolving conversation is a conundrum. The age-old wisdom states that a “chain is only as strong as its weakest link.” That “link” is the user! So, no matter how secure devices, policies, or protocols evolve, without evolving the user, they all remain weak! The facts state the obvious – the same social methods for “hacking” secure networks in the 1990s are just as effective in the 2010s.