Cybersecurity: The Razor’s Edge Between Education and Scare Tactics

TCS is committed to educating our client base and small-to-medium sized organizations at large about Cybersecurity – the existing threats out there and how best to protect against and mitigate the effects of those threats.  To some, that can sound scary.  The scary reality is that there are real threats out there that can disable and sometimes even pose an existential threat to your company or organization.  Sticking our collective heads in the sand is not a viable option.

The Distinction between Scare Tactics and Education

So what is the distinction between educating about scary topics and using scare tactics?  Education first seeks to increase awareness, not for the sake of scaring but for the sake of providing reasonable dialogue regarding ways to protect against those scary outcomes.  Scare tactics seek to manipulate emotion and shutdown dialogue.  They present no discussion, but only seek to scare someone into a decision.  Education, on the other hand, presents the potential scary scenarios and then reasons through a range of solutions to protect against them.

For instance, there is a world of difference between informing someone that accounts tied to their organization are available for sale on the dark web, and detailing every scary outcome that could result from that vulnerability.  Scare tactics use threatening language to get their desired outcome while education seeks to have a simple conversation.  The fact of the matter is that those accounts for sale on the dark web may not have the most current password associated with that login, which makes it less of a threat.  Nevertheless, a conversation can be had regarding how even old passwords can give attackers clues as to how you typically approach creating your passwords.  Simply changing the password may not be the best solution in that scenario. 

TCS Is Committed to Cybersecurity Education

Is your MSP doing a good job of educating you on those matters?  Do you know whether you have compromised accounts on the dark web?  If your internet/email domain has been online for more than a few years, then chances are you do have some compromised accounts.  The real question is, do you know what those accounts are and what have you done as a result?  The only thing that makes this scenario scary is the unknown.  TCS seeks to take out that unknown and educate organizations on how they can respond in a way that mitigates the ill effects of compromised accounts.

Coming out of the Dark

What differentiates TCS from other MSPs?  In this context, TCS doesn’t want you to be in the “dark” (pun intended) regarding your Cybersecurity position.  We encourage all Cybersecurity education, whether it comes from TCS or not.  Hopefully, if someone comes along and mentions to one of our clients that they have compromised accounts on the dark web, our customer is educated in Cybersecurity enough to respond, “Of course we do, and we’ve responded in these ways to mitigate the effects of those compromised accounts.”  When a prospect responds in a way that indicates they are unaware of what that means or the potential ramifications for what that means, we see opportunity to educate – not for the aim of scaring them, but to the end that they comprehend what’s at stake and how best to protect themselves against it.  Sure, there is a fine line there; but TCS is committed to education, not emotional manipulation.