We have embraced technology as the backbone of our work, our play, and even our identity. It powers our businesses, secures our finances, and connects us across the globe. Yet, the very tools we rely on are being weaponised against us—by cybercriminals, unethical corporations, and even nation-states. This is big business, and for many, the rewards and accolades are celebrated. They have a completely different mindset and perspective.
The recent Bybit breach, where hackers drained $1.5 billion USD from the crypto exchange and triggered over $5.5 billion USD in withdrawals, serves as a stark reminder: our digital world is only as secure as its weakest link. And right now, we have plenty of weak links.
Are We Too Digital, Too Fast?
Our fascination with digital assets and cryptocurrencies has accelerated innovation, but have we stopped to think about the risks? The very foundation of crypto was built on decentralisation and security, yet centralised exchanges remain prime targets for exploitation, as they have proven to be very rewarding.
At the same time, quantum computing is not just on the horizon—it’s nearly upon us. With some of the big players like Google, Microsoft, and IBM investing billions, breakthroughs are happening faster than expected. Quantum computing has the potential to break traditional encryption methods, making much of today’s cybersecurity obsolete sooner than we anticipate. Hackers and nation-states are already harvesting encrypted data today, waiting for quantum power to unlock it tomorrow.
We’ve been quick to adopt new technologies, but are we planning far enough ahead to secure them?
Passwords are Already a Problem
We’ve known for years that passwords alone are dangerous. Data breaches happen daily, leaking billions of credentials into the hands of cybercriminals. Multi-Factor Authentication (MFA) helps, but even MFA is not infallible—especially when many users opt for easily phishable SMS-based codes.
The Biometric Trap: Convenience or Vulnerability?
Biometrics have been marketed as the ultimate security solution—fingerprints, facial recognition, iris scans. But here’s the problem: you can’t reset your face or fingerprints if they get stolen.
We’ve become comfortable handing over our most personal identifiers, yet:
- Deepfakes and AI-generated attacks are making it easier to spoof facial recognition.
- Centralised databases storing biometric data are high-value targets for hackers.
- If a password is compromised, you can change it. If your biometrics are compromised, you’re permanently exposed.
Have we given away too much in the name of convenience?
Rethinking Security: What’s Next?
We cannot afford to be complacent. Security in the digital age requires more than just reaction—it demands proactive strategy. So, how do we move forward?
- Beyond MFA – Layered Security: It’s not about one solution but a combination of security measures that work together.
- Decentralised Security Approaches: Storing biometric data locally on devices instead of central databases reduces risk. (Unless hacked, of course.)
- Quantum-Resistant Encryption: The quantum age is near—organisations must begin transitioning to quantum-safe encryption now, before it’s too late.
- Zero-Trust Mindset: Assume breaches will happen and design security systems accordingly. (However, this often leads to a stronger systems-before-people approach and further restrictions.)
- Education & Awareness: Technology evolves rapidly—so must our understanding of its risks.
Risk Starts and Ends with People
Each of the options listed requires a mindset shift and action—which means people must be at the centre of security strategies. Technology alone will not save us. Instead of treating security as purely a technical challenge, leaders must invest in awareness, adaptability, and engagement with their people.
We often see businesses take a systems-first approach, introducing controls that create barriers instead of enabling people. But when security becomes a roadblock, people find workarounds—and that’s where new risks emerge. When people don’t feel part of the security conversation, they resist, they disengage, and ultimately, they become the weakest link.
So, what if we rethink our approach? Instead of forcing people to comply with rigid systems, what if we design security strategies that empower them to be active participants in protecting the business? This requires understanding their mindset, knowledge gaps, and vulnerabilities—then bridging the gap between people and systems to move forward in a way that is aligned with organisational identity (purpose, values, mission, objectives) while still embracing innovation to ‘Protect the House.’
Einstein once said: “You can’t solve a problem with the same thinking that created it.” If we keep taking the same reactive approach—waiting for breaches to expose new vulnerabilities—we’ll always be behind.
"It is only by focusing on risk with and through your people, that you are going to truly solve your organisational risk exposure and drive transformational change."
What Do You Think?
In a world where technology moves at lightning speed, the question isn’t if security threats will evolve—it’s how prepared we are. Are we shaping the future of security, or are we simply waiting for the next breach to remind us of what we should have done?
🔹 We are witnessing breaches that are becoming more sophisticated and bold almost daily. So how many more examples do we need? Are we becoming numb to it, or do we believe, ‘It happens to others, not me’? That mindset won’t work out so well.
🔹 Security isn’t someone else’s problem—it’s yours, mine, and ours. If you’re still waiting for the ‘big one’ to take action, you’re already behind.
🔹 Risk Rebels don’t wait for disasters to force change—they drive the change. They don’t ask, ‘What should we do?’ They ask, ‘How do we bridge the gap between people and systems—so security enables innovation instead of restricting it?’
💡 If we get security wrong, we don’t just risk breaches—we risk losing trust, innovation, and progress.
Let’s start the conversation. Risk Rebels, what say you?
