Consumers persist in dangerous behaviors, and frequently resist help. Education and awareness is of limited use with very large populations of users, and it's not possible to provide protected infrastructures to large groups of clients or consumers. To facilitate better security, consumers may have to take more personal responsibility and trade some privacy for security. Facing real consequences -- such as financial liability for a stolen credit card -- could help consumers develop better habits. So could clear, immediate feedback such as color-coded password warnings.
Teach employees to think for themselves. Security is everyone's job and security executives are reaching for new ways to encourage employees to trust their judgment, and to question practices they believe may increase risk. This is particularly important for middle managers, who frequently make decisions weighing security risk against potential business gains. Some companies are training IT helpdesk personnel to take a more proactive role in security and security education.
The Dartmouth report says the concurrent trends of consumers bringing their own devices and using cloud and online services of their choice coincides with rising threats. "Attacks targeting individuals are growing more sophisticated and persistent. The market for illicit information is more active and organized than ever, so that stolen data are more easily moved and more readily converted to cash. The ability to quickly disseminate information via social media, without regard for the gatekeepers of old media, is an incentive for activist hackers," the report stated.