What are we doing wrong in safeguarding our computer systems?

1. Naïve Belief: Who is interested in my system? Nobody is going to attack me. I haven’t done anything bad to anyone, so why will they?

2. Believing Security can be bought: that magic device that I bought will take care of everything.

3. Trusting Anti-virus is enough to safeguard the system: Feel safe once installed.

4. Cleaning instead of prevention: Trying to clean the malware after it has already infected instead of putting in all the measures that could have avoided the malware infection itself.

5. Ignore proactive security measures:Not proactively assessing the security posture of the system in order to fix the loopholes and strengthening the system.

6. Not willing to take the hard step: patching and hardening is hard to do.

On the last point, yes, it is hard, because,

• Users are not aware what patches to apply
• It takes too long to download and install for each application
• It takes away time from the core work
• Not aware what the update might do

Hardening the security posture of the system, knowing the loopholes and applying the fix is a very effective and proven defense system. This requires a deeper or may be simpler, second look.