More often than not, human error is the most frequent cause of cybersecurity incidents. Unintentional user mistakes, omissions, and carelessness invite issues into workplace and home systems at an ever-increasing pace.
But one former white hat hacker-turned-cybersecurity expert has a people-focused solution. North Wonders founder Terry Ziemniak develops holistic programs to better educate and inform users on ways to detect and respond to cybersecurity threats.
Terry led information security initiatives for two enterprise organizations over a 25-year career in cybersecurity. He knows from experience that companies spend a lot of money on hardware and software, yet they are still getting hacked.
His customer-based research into the root of the problem verified that companies simply lack the necessary focus on the people aspect.
Said Terry, “People continue to fall for social engineering scams and bad links. So we get practical and personal in helping them understand the basics. Once you understand how to protect your kids’ photos or your bank account, then you develop 24×7 mindfulness. When people become safer members of the internet as a whole, they are better about protecting assets at work.”
Utilizing newsletters, presentations and customizable programming, North Wonders provides relevant content, actionable information and most importantly, measurable results. Desired behaviors and habits are introduced and reinforced via non-technical insight on the impact of current threats as both consumers and employees.
Since opening in late 2017, Terry has been working with companies to train employees on the front line of these attacks. North Wonders builds in metrics and executes on whatever particular risk the client requests, providing valued insight on the effectiveness of the training.
While currently focused on small- to medium-sized organizations, Terry has customized programming for a large financial institution that wanted to drill down on customer identity theft, for example. North Wonders’ service is also appropriate for channel/partner networks, IT service companies and Human Resource organizations. Terry also sees opportunity to co-brand content with client companies.
But, he points out, North Wonders is foremost a program, not a library of content.
“It is all about having regular touchpoints with users so we can engage them. We want to educate and empower users,” he said. “We want to get them to where they can detect bad actors—no matter what type of attack is used.”
North Wonder’s people focus certainly appears to be the missing link in cybersecurity effectiveness. A recent report by IBM cited human error as a contributing factor in 95 percent of all cyber security incidents.
So Terry is optimistic and enthusiastic about the potential ahead for the company. He speaks highly of the UNC Charlotte Ventureprise program which helped him with customer discovery and market analysis. That experience validated that companies believe their technology and overall security is good, but they acknowledge the people issue remains a big problem.
Terry also speaks highly of the support available within the Charlotte entrepreneurial community. Participating in Ventureprise, along with a recent presentation at One Million Cups Charlotte, fuels his belief that being tied into the local community is an important factor in driving success.
Said Terry, “I spent 20 years in Chicago. I don’t think I would have attempted or been as successful in Chicago. Not that they don’t have a good support system there, but the Charlotte entrepreneur ecosystem seems well organized. The success of my business will be based on my leveraging the many levels of support here.”
That said, every entrepreneur knows there will be challenges. For Terry, it is a matter of focus.
“In the past month, there have been so many opportunities coming my way. I have to make a very conscious, methodical decision every day to stay focused on the markets I want to target first. Everyone says this is a great idea and a need, and we have very good conversations. But in some cases, I have to put their ideas on a back burner for a few months.”
Still, he is a believer in feedback and listening to the customer. He knows that the best way to embed his people-centered approach is to help people understand how security threats affect them personally.
Building a stronger, better educated community of users who can detect and respond to cybersecurity threats starts with changing user behavior. Terry recognizes that introducing effective awareness programs is the best way to reduce human error.
After all, society has been dealing with fraudsters for a long time. Educated, engaged and empowered users are the best protection against this latest iteration of crime.