No Place for Complacency
The World Health Organization (WHO) issued a warning on 16 Nov 2020 that even with the arrival of COVID-19 vaccines, “this is not the time for complacency.” Its Chief Scientist reiterated this warning against COVID complacency on 23 Dec 2020, reminding the world to be on its guard while the vaccine is rolled out. But despite these and other numerous warnings from healthcare and other officials, people have become complacent and we continue to see a surge in the number of COVID-19 cases in many countries around the world.
Closer to home, the Singapore Straits Times reported on 22 Jan 2021 that Singapore was seeing more COVID-19 community cases as complacency sets in. Malaysia was also seeing a surge in new cases, with Malaysian Public Health Physicians Association president Datuk Dr Zainal Ariffin Omar noting that Malaysians seem to have become complacent with the SOPs to contain the spread of the virus, and “only follow the SOPs when enforcement officers are nearby.”
People become complacent for a number of reasons. I would like to highlight 3 of them:
1. Denial: A false sense of invincibility
We read about how so many people are getting infected, but strangely think that this will not happen to us – until it does. Perhaps we have been so conditioned to think positively that this positivity denies that anything bad can happen to us. Or our human brain is wired to not want to think of anything bad happening to us, and so we deny that it can happen to us.
2. Overconfidence: A false sense of security
A false sense of security happens when we think that we are safe just because we have taken some precautions and believe they are enough. We wear a mask when we go out and wash our hands when we return and believe that with such precautions in place we will not be infected. However, we may be leaving out other precautions – we may rub our eyes or fail to use a serving spoon in shared meals – thus opening us up to catch an infection. On the other hand, we may throw all caution to the wind just because we have been vaccinated. In this case, we make ourselves susceptible to the flu and other illnesses, and while we may not come down with COVID-19, we may still fall ill in the end.
3. Fatigue: A false sense of sufficiency
Perhaps the biggest reason why we become complacent is that after a while, we simply get tired of following the suggested precautions. We feel that we have done enough already, and as nothing bad had happened so far, think it’s ok to relax a little, to let our guard down a bit. And when nothing bad happens when we do so, we think it’s ok to relax even further, believing that the relaxed precautions we are taking are enough. But there comes a point when we let our guard down a little too often or a bit too much, and by the time we catch an infection realize that what we thought was enough is actually never enough.
In looking at these 3 reasons for COVID complacency, what strikes me is how similar they are to IT Security complacency.
Firstly, there are those who are in denial about the threats to their IT systems. They may hear about how some other organization may have been hacked, but think it will never happen to them. The irony here is that their organization may actually already be experiencing an IT security breach that they are not even aware of!
Then there are those who are overconfident about their IT defenses, and think that what they have put in place is more than enough to prevent a security breach. But just as a chain is only as strong as its weakest link, so too is IT security. Before an organization can be confident of its IT defenses, it needs to have a holistic view of its IT security and ensure that every aspect of its IT infrastructure has been secured. And even after it has done so, it should continue to be on its guard and maintain a strong security posture. There is no room for overconfidence.
Finally, there are those who are tired of having to always install security patches and solutions. At some point, they think that their IT systems should be sufficiently patched and secure enough, and either delay putting in the latest security patches, fail to do so, or ignore the latest security threats and solutions. However, because security threats keep evolving, our IT defenses must necessarily also keep in step. The reality is that what is sufficient for today will invariably be insufficient for tomorrow – we will never be done as far as IT security is concerned.
Both COVID-19 and IT security threats pose an existential threat to us and our business. There is simply no place for complacency in either of them.
Where IT security is concerned, there is no place for complacency!
See how NetGain’s SIEM solution provides you with a holistic view of your IT infrastructure’s security to keep threats at bay