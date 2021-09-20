The random nature of cyberattacks makes it difficult to determine what companies are doing a good job at security.

“If you are an expert in cybersecurity and you are excellent at your job 99.99% of the time and you get breached, you are a failure because of that one breach,” he noted. “If you’re a hacker and you fail 99.99% of the time, you could be considered a success because there was that one time you got in and got paid and stole data.”

That one success is not always the fault of the computer system.

“Usually, the first thing that fails is a human being making some kind of mistake. If I program a computer system to block traffic a certain way, it will do it without fail,” Maurer said. “You can train people, but we don’t always follow rules and sometimes we’re just tired and responding to emails very quickly and accidentally hit a link.”

Once inside a strong security system, hackers must run a gamut of security efforts designed to make access to data more difficult such as data encryption in and out of network and encrypting databases as well as requiring more than one form authentication in addition to a password.

The first step at stopping hacks is to stop their entry. That means training people to think security, he said.