If you’ve been given responsibility for network security in a non-technical area of the business, there’s one eternal question that has been bedeviling admins for decades. Shelves of words have been spilled on the subject, to limited result.How do I get the user to stop clicking everything?
Everyone with cybersecurity responsibilities has their own crop of horror stories where an intransigent user has clicked furiously on a Dridex installer, wondering why their “invoice” won’t load. A user might enable macros to see the “important notice”, scratch their head at the display issues, then open the document on another machine because theirs obviously had issues. A more recent corollary is the user who gets an email from the “CEO”, and subsequently starts a wire transfer to a dodgy address in Asia without following up with anyone. These are problems that have been appearing in almost every organization, for years. So what is wrong with these people and how do we fix it?