In the last couple of years, we were witnesses to an expansion of technology into our daily lifestyle starting from Internet of Thing Devices, Web Application and different types of services and products that we are using in our daily routine.

All these things have a lot of benefits, which are making our lives easier, comfortable and bringing more connectivity between all of us because they have become a part of our daily jobs and lifestyle.

But, at the same time all these services are increasing the probability of cyber-attacks and giving more opportunities for attackers to get access to private data. Since no system is ever going to be perfect, even if the underlying technology is robust, there will always be the potential for human error to derail the whole thing.

A lot of studies are showing that many of the cyber-security incidents are caused by a lack of security awareness and indicate that human error is one of the biggest root causes.

Due to a lack of knowledge or training or just by the simple fact that the risks are unknown errors could easily arise. To achieve a higher level of security and protection against cyber-attacks inside an organization it is not enough to have the latest technology stack and one of the best internal processes if the individuals are not aware of the possible attacks that they are susceptible to.

In order to achieve a higher level of security in a companies or businesses, some policies and mechanisms are implemented in order to achieve that. In my vision we can identify at least 3 main components which consist of technology, process and people. If these 3 pilons are done properly, you are setting the stones for a solid foundation and a more secure future.

Technology is designed to protect us from different types of attack. Technologies such as firewalls, antiviruses, network intrusion detection and prevention systems and different mechanisms designed to secure the applications and infrastructure that we are using day by day.

A specific process exists inside each organization which provides different layers of access to documents or facilities.

And the most important are the people. As we mentioned before, one of the root causes of the cyber-security incidents is human factor. Due to a lack of knowledge, training or just by the simple fact that the risks are unknown errors could easily arise.

We can conclude by keeping in mind that companies are made by people and this is the most important aspect that we should focus on. To achieve a specific security level inside an organization it is not enough to have the latest technology stack and one of the best internal processes if the individuals are not aware of the possible attacks that might arise.