For those of you who have been reading my cybersecurity news roundup blogs for a while now, you know I’m an avid reader. What you may not know about me is that I also was a high school cheerleader. Why is that important? Because it brings me joy to support the amazing efforts of other people. That’s one reason why I started listening to The Plateau Effect: Getting from Stuck to Success, co-authored by Bob Sullivan and RSA Conference’s Executive Chairman, Hugh Thompson. Yes, I’m a little more than a decade late to the game, but the book’s theme is timeless. Thus, I’ve been reflecting on the words of Sullivan and Thompson particularly as they relate to cybersecurity.
In defining acclimation, they write, “At its most base level, this behavior is a survival instinct. The ability to adapt and ignore distracting information is a natural form of self-defense. It allows us to focus on changes and new things that enter the environment that might be threats.” Indeed, having a keen eye for new threats in the environment is essential for any security practitioner. But, Sullivan and Thompson write, “often acclimation does more harm than good.”
In fact, I had to wonder how much of a role acclimation plays in human error, which is reportedly the root cause of 95% of cybersecurity issues. An annual report issued by the Australian Cyber Collaboration Center found a “significant decline in the perceived value of online security, with only 60% of Australians believing it is worth the effort – a drop of 9% since last year.”
Even though John Steinbeck may have argued differently, businesses are much like humans in the way that they behave. As a result, many companies also suffer from complacency. As NetSPI CISO Joe Evangelisto wrote, “The path to a secure future necessitates the concerted effort of the entire organization, including external partners, working in unison towards a common goal of robust cybersecurity.” Are you a cybersecurity influencer who has an impactful story about moving from stuck to success? Answer the RSA Conference 2025 Call for Submissions. The deadline has been extended to October 6, so you still have a chance to share your voice with the community.
To learn more about the Human Element, explore the content available in our Library.
Now let’s take a look at what else made industry headlines this week.
Sept. 27: Progress Software warned customers to patch critical and high-severity vulnerabilities found in its WhatsUp Gold network monitoring tool.
Sept. 26: The public Wi-Fi at major train stations in the UK was hacked to display terror messages.
Sept. 26: Senate Finance Committee Chair Ron Wyden and Senator Mark Warner announced legislation to improve cybersecurity in the US healthcare system due to increased cyberattacks.
Sept. 25: Security experts found thousands of US Congress staffers could be exposed to account hijacking and phishing.
Sept. 25: The Cybersecurity and Infrastructure Security Agency (CISA) released a threat response guidance toolkit for K-12 schools.
Sept. 24: The Hacker News reported, “researchers have discovered a new version of an Android banking trojan called Octo that comes with improved capabilities to conduct device takeover and perform fraudulent transactions.”
Sept. 24: Arkansas City in Kansas was forced to switch its water treatment facility to manual operations due to a cyberattack.
Sept. 23: “The US Department of Commerce announced a proposed ban on the software and hardware made by foreign adversaries, particularly that of China and Russia,” Dark Reading reported.
Sept. 23: The Department of Homeland Security announced grant funding of $279.9 million for state and local cybersecurity programs.