We Say Password, You Ask Whether We Want Fries With That

Super-sized sigh...

We just ran a series of four fantastic posts on passwords. Read each of them.

And just like that -- 

McDonald's apparently had an AI-enabled employment application system. And yep, that's right: its password was 123456.

So many angles on this, let's review five:

1. It doesn't matter how much technology you have, employees will make the system easier for them to use. That's how you get passwords such as 123456. And that's why we focus on behavioral cybersecurity.

2. The AI application did not flag the password. If you say, well, why would it, I reply: technology is a tool and its functional parameters are very narrow, which is why we need to have people in the loop who are savvy about security parameters.

3. There are bad cyber-actors out there looking for vulnerabilities. In this case, it was the clan of the Hamburglar. (Sorry. Sort of.) Remember, though: this is gang activity.

4. Leaders need to be clear with their security staff that behavior such as setting laughably scrawny passwords is unacceptable. This is why we repeatedly talk about leaders asking hard questions about what is being secured and why. 

5. This incident shows what can happen when companies don't factor security into creating more presence outside of their core systems. As I've said before, your company exists at the point where it gathers data from customers. People want their interactions to be secure. Your security people need to have a mindset that they are advancing the growth of the company by having secure processes.

Finally, remember this: if something like this can happen at a well-run corporation the size of McDonald's, it can happen in your company also.

Ask us how we can help you create a behavioral cybersecurity function that leaves you saying I'm luvin' it.