Yawn, another cyber-security test. Time to rethink them?
Current cyber-security training is failing to take into account human behaviour and frailties. It can even make a firm less secure.
A scam prevention mural at Clementi Central. Cyber criminals grow more sophisticated. They exploit loopholes in human behaviour such as fatigue, distraction and habitual shortcuts.
ST PHOTO: BRIAN TEO
Georgios Christopoulos
It’s Friday and an employee is rushing through a mandatory 45-minute cyber-security video, about to miss the deadline set by the company. The tips are predictable: “Don’t share your password”, “Beware of suspicious links”. They let it run in the background, clicking through it as they scroll Instagram – and pass.
Everyone passes. The company’s cyber-security team boasts: “100 per cent compliance”. On paper, the company looks secure. In reality, it isn’t, because employees can have the knowledge, but the training doesn’t take into account the behaviour of humans and their frailties.

