No cyber security program can protect against one fatal flaw: human error. Considering that over 91% of all cyberattacks starting off with a phishing scam, I’ve always approached cyber security with some level of skepticism, especially when it comes to mobile devices. Yes, you can protect a suite of apps. Yes, you can tell employees not to open emails from Nigerian princes who want to give you fame and fortune. But what if you get an email about a death threat against your daughter? You’re going to open that email. You’re human. We all are.

Sorry to all my fellow Western movie fans, I didn't mean to play on your emotions so no this is not about a futuristic remake of this 1966 classic starring Clint Eastwood. However, I think this storyline has parallels to the 3 main characters that were in constant conflict throughout the film. The stage is set and I have no idea when the final showdown will take place but I see a digital world that also has serious competing interests across the great innovations, the misinformation / fake news phenomenon and the cyber bullies as well as the cyber criminals.

As the Maslow Hierarchy of Needs points out, safety is on the top of the list for humans. Once our physical needs are addressed, the need for personal security, financial security, health and well-being as well as safety net against accidents/illnesses dominates our behavior. Yet our actions at times do not match this need, we do not always lock the doors especially when we believe there is no imminent danger of a break-in and, in fact, we do not have impenetrable doors or locks installed in our homes even in the higher crime neighborhoods. I have witnessed the car running, doors open with no one inside just ready to be driven off but “I was only gone for a split second” as per the statement in the police report. We are still relatively easy targets for identity thieves or debit card cloners and there goes our financial security, albeit temporary these days but still a very stressful time. Mostly our attitude towards security seems to be with the acceptance that an incident is likely to occur despite our best efforts. This causes us to have a laisser-faire attitude in trying to prevent them but instead we are wired to focus on mitigation.

Mobile-first has become somewhat of a cliché but it is certainly not one to brush off if you are a CIO or CISO. The reality of users wanting to access all of their work-related and personal applications from their mobile device is here to stay. This is reflected in the continued growth in mobile data usage, increasing by 60% between 2015 and 2016. Yet, with malicious domain access on mobile devices up by 200% since last year, the risks that mobile device vulnerabilities can pose for enterprises highlight the need for CIOs to reassess their approach to mobile security.