When companies suffer a data breach, employees are usually key in enabling hackers to access to the infrastructure to steal sensitive information. In spite of billion-dollar efforts to bolster corporate security and educate employees, Internet users in the US still have little knowledge about basic cybersecurity, according to a recent Pew Research survey.
“Despite the risk-reducing impact of good cybersecurity habits and the prevalence of cyberattacks on institutions and individuals alike, […] many Americans are unclear about some key cybersecurity topics, terms and concepts,” Pew said.
Over 1,000 respondents were unable to identify phishing examples and unfamiliar with ransomware. Although some could detect strong passwords and understand the risks of connecting to public Wi-Fi networks, Americans still have trouble grasping notions such as two-factor authentication and botnets (less than 15%) or identifying https website encryption, among others. The cybersecurity educational gaps turn them into critical risk factors for corporate infrastructures.
Hackers base their entire attack strategy on a lack of security awareness; they trick employees into clicking on infected links or downloading malicious software onto work devices that spreads across the entire IT system within seconds.
Microchips similar to those used for collar plates might come to the rescue, according to the Associated Press. Swedish startup Epicenter believes NFC-based microchips implanted between employees’ thumbs and index fingers for authentication will strengthen security and reduce risks. For testing, the company has been implanting its staff since January 2015.
Soon enough, the employees of the future could walk around the office using only a movement of their finger or palm to open doors or operate equipment, as these microchips turn into an extension of our limbs, wallets and who knows what else. As for next steps, embedded electronics?
"It basically replaces a lot of things you have, other communication devices, whether it be credit cards or keys," Patrick Mesterton, co-founder and CEO of Swedish startup Epicenter told the AP. “But then on the other hand, I mean, people have been implanting things into their body, like pacemakers and stuff to control your heart. That’s a way, way more serious thing than having a small chip that can actually communicate with devices.”
As great as this initiative might sound, what happens to the data it collects? Obviously, implanted chips will collect information about employees, but no one has mentioned what kind of information or what the employer will ultimately do with it. This might just become the perfect surveillance method: convince users that they’re part of a hip experiment, then closely keep an eye on them and their activity.
True, desperate times ask for desperate measures. Following the rise in sophisticated attacks, the multitude of exploit kits available on the dark web and employee carelessness, enterprises must come to terms with the idea that a breach is imminent and take all measures to minimize the risks and mitigate the aftermath of a cyberattack. Since employees are a preferred target, microchips might just be an intuitive solution to lower risks and immediately detect an attack entry point.