Cybersecurity is Enveloped in Ambiguity

Cybersecurity is Enveloped in Ambiguity

In every corner of the world across every dimension of technology, there is an unprecedented growth in the users connecting to cyberspace. As the world’s use and reliance on cyberspace grows, so too grows our individual and global cyber vulnerability. In recent years, cybersecurity threats have accelerated and grown in significance, scale, scope, and sophistication. Protecting the critical infrastructure and data that underpin our financial markets, power grids, intelligence and defense systems, and which hold the intellectual property and private information of millions of businesses and individuals, has become a high priority albeit, efforts to improve the cybersecurity have fallen short due to a general inability to grasp the economic and psychological dimensions of the problem. We can summarize the circumstances surrounding cybersecurity today in one simple word, ambiguity.  There exists both a lack of understanding as well as an overabundance of inconsistent concepts of the below items: What is cybersecurity? What are its dimensions? How do you operate it? What does it deliver? How is it achieved? How is it sustained? What drives it? How is it measured? Who is involved? This ambiguity combined with today’s existing IT challenges and their inherit diversity in perspectives have forged a complex and nebulous cybersecurity landscape. Additionally, ever evolving advanced persistent threats, regulatory mandates, and complex business operations have driven most organizations to regard cybersecurity as an IT challenge for IT to solve. The truth is that cybersecurity is more than just an IT challenge, it is equally a human challenge, and an organizational imperative to protect customers, partners, competitive advantages, and shareholder interests. The reality we face in this dilemma is that until we understand cybersecurity’s many nuances (and I mean really understand) we will continue...
3 Tips For Learning Security

3 Tips For Learning Security

I get a lot of questions regarding where exactly to start when trying to get into security and frankly, that’s a very important question as today’s security job market is extremely competitive. If you want to be taken seriously you need to learn something! The first thing you should understand about security is that it is big- I mean really, really, really big. There are thousands upon thousands of specialty tracks in security that can range from watching security camera feeds, ensuring physical barriers are in place around a data center, sensitive network traffic is properly encrypted between endpoints, validating and sampling technical and operational controls for compliance, and the list goes on. The point I am trying to make is that there are countless opportunities out there for you that fit your specific skill sets. You don’t have to code to work in the field of security much like you don’t have to watch security camera feeds to be in the field of security. One of the foremost think tanks in security is a man named Bruce Schneier and he provides excellent advice for anyone learning to get into computer security but the this can apply across multiple domains:   Study. Studying can take many forms. It can be classwork, either at universities or at training conferences like SANS and Offensive Security. (These are good self-starter resources.) It can be reading; there are a lot of excellent books out there — and blogs — that teach different aspects of computer security out there. Don’t limit yourself to computer science, either. You can learn a lot by studying other areas...

Share This

Share this post with your friends!

Remember Me