Insecurely Secure: A False Sense of Security

Insecurely Secure: A False Sense of Security

Security is an interesting subject that follows us from before our birth until the day we die. Our entire life is comprised of security, insecurity, and a false sense of security that often confuses the two.

  • By Tyler Reguly
  • Jul 01, 2019

As we celebrate the birth of our two nations — Canada Day in the north and Independence Day in the south — I can’t help but think about security or, more specifically, the lack thereof. Maybe it was the video game conference, EVE North, that I attended on the weekend and the discussions I had around security in a video game. It may have been the news reports surrounding Pride this past weekend, where attendees felt insecure in spite of being around those responsible for their safety and security. There’s a high likelihood that it’s tied to the two cities in Florida that have collectively spent $1.1 million paying to recover systems targeted by ransomware.

Security is an interesting subject that follows us from before our birth until the day we die. Our entire life is comprised of security, insecurity, and a false sense of security that often confuses the two. My sister is pregnant and the safety and security of my future niece is often a topic of discussion from my mother questioning if walkers are still safe, to determining if the car seat is expired (yes…car seats expire) and how to install it. I remember when I was younger, I had a favorite blanket that came everywhere with me. When, as an adult, I learned that my mom had thrown out the few ragged pieces that were left, I was still upset. That blanket had protected me from monsters in the closet and boogeymen under the bed. That was probably my first experience with a false sense of security, but it definitely wouldn’t be my last.

I can remember that the door had to be bolted and chained before bed, but windows were left wide open to combat the warm summer nights. I remember a job in high school, where I was responsible for adjusting the front of house lights in a theatre from catwalks, and the supervisor said, ‘There’s a safety harness, but it’s sized for me and won’t work for any of you.’ How many people have heard the story that rear windows in cars only go down part way to prevent children from jumping out? The reality is that there simply isn’t room in the door for the window to go down further. I bet you, however, that there are people who felt safer thinking the car designers were considering the safety of their children. It’s that false sense of security that guides so much of our lives.

On top of my day job of performing security research, I spend my evenings watching and reviewing films. Have you ever wondered why horror movies scare us? Sometimes it’s the jump scares, we’re just not expecting to be startled at that moment, but a lot of the time, with psychological and supernatural horror, it’s because we feel unsafe. Instead of a false sense of security, we have a false sense of insecurity. It’s why we cling tightly to the person next to us watching the movie, why we triple check the locks on our doors, and, in our 30s and 40s, still look under the bed after a scary movie. These actions don’t make us safer, but they counter that false sense of insecurity that we feel.

What does this have to do with the celebrations occurring in two neighboring countries? It’s important to remember those times in your life when you’ve been both secure and insecure…to remember when you had a false sense of security or insecurity. Whether you are secure or have a false sense of security, you feel better, you feel safer. Just as being insecure and unsafe make you feel just as bad as that false sense of insecurity. That’s why it’s important to consider the viewpoint of others to understand why they feel a certain way. What you see as security may in fact be a false sense of security and what you see as a false sense of insecurity may be actual insecurity. It’s going on all around us in every aspect of life, but let’s take a look at a few of the more relevant examples.

When a municipality is hacked and we see ransomware attacks, we see organizations that may have thought they were secure. Maybe they met all the checkmarks on a standard that said they were secure. Maybe they paid attention to one subset of risks without considering the bigger picture. Sometimes organizations focus on things they can’t fix, things they can’t change and overlook attack vectors that they can fix. They have a hard time recognizing security and a false sense of security.

At the video game conference this past weekend, I was asked how I vet the people I play with, how I ensure they won’t scam me in the game. People are shocked when I tell them that I don’t. They have complex checks that audit people’s mail, their conversations, their past history to determine if they can trust them. I’ve recognized that these checks only provide a false sense of security, so I see no value in performing them. This is a conclusion that translates nicely to the real world. A friend recently told me that his wife was almost taken advantage of by a car wrap scam. I had not heard of this, so I investigated and discovered that they post on job search sites with the ultimate ‘make easy money’ scheme. You sign up and they pay to have an advertising wrap put on your car. You get a check in the mail, deposit it, and pay for the car wrap. You pay for the car wrap by wiring the company performing the wrap (rather than paying them when you get the car wrapped). You later find out that the check is a fake when it bounces, but since you’ve already paid the company wrapping your car, you’re out money. The check has the name of a big business and you reached out to them, so it does a great job of creating a false sense of security.

We hear about it all the time. You hear about people selling their car privately. Someone comes by to look at it and asks to take it on a test drive. They just never come back and you slowly realize you handed your car keys to thieves. A lot of you are thinking, “Yeah, but that will never happen to me.” How true is that? How well can you recognize a false sense of security?

If you just celebrated Canada Day or are getting ready for Independence Day, ask yourself if you can recognize when you are really secure. As you’re watching fireworks or enjoying a BBQ, think about the things in your life where you feel safe or unsafe, secure or insecure. Have you evaluated what’s real and what isn’t? It’s not a thought process that many of us go through, but it’s a critical thinking exercise that gives us empathy and understanding. The first step in avoiding being scammed as an individual or hacked as a company is recognizing the parts of the process that give you a false sense of security. Once you identify them, you can do something about it. Then, maybe, you won’t find yourself paying hackers to save your system from ransomware.

Featured

  • Progressing in Capabilities

    Progressing in Capabilities

    Hazardous areas within industries like oil and gas, manufacturing, agriculture and the like, have long-sought reliable video surveillance cameras and equipment that can operate safely in these harsh and unpredictable environments. Read Now

  • A Comprehensive Nationwide Solution

    A Comprehensive Nationwide Solution

    Across the United States, manufacturing facilities, distribution centers, truck yards, parking lots and car dealerships all have a common concern. They are targets for catalytic converters. In nearly every region, cases of catalytic converter thefts have skyrocketed. Read Now

  • Planning for Your Perimeter

    Planning for Your Perimeter

    The perimeter is an organization’s first line of defense and a critical element of any security and surveillance program. Even if a building’s interior or exterior security is strong, without a solid perimeter surveillance approach any company or business is vulnerable. Read Now

  • The Key Issue

    The Key Issue

    It is February 2014. A woman is getting ready in her room on a cruise ship when she hears a knock on the door; it is a crewmember delivering breakfast. She is not presentable so she tells him to leave it by the door. Read Now

Most   Popular

Featured Cybersecurity

New Products

  • CyberAudit Introduced to Manage Systems, Intuitive Interface

    CyberAudit Web

    CyberLock, Inc. announces the release of CyberAudit Web 9.4! CyberAudit-Web (CAW), the software suite for managing CyberLock systems, provides an intuitive interface to assign keys, set expirations, monitor staff and configure access schedules. 3

  • Genetec Security Center

    Genetec Security Center

    This major new release allows more system components to run in the cloud, reducing the gap between cloud and on-premises security systems. It also makes it easier to connect external systems and tap external data for use in dashboards, maps and investigations without relying on complex, specialized integrations. 3

  • Camden Door Controls CV-603 2 Door Bluetooth Access Control System

    Camden Door Controls CV-603 2 Door Bluetooth Access Control System

    his app-based system is designed to provide ‘best in class’ security of doors and gates, with up to 2,000 users. The intuitive programming app is Apple® and Android® compatible, with easy to use system set-up, user administration, downloadable audit trail and data back-up. 3