Cybersecurity is Enveloped in Ambiguity

Cybersecurity is Enveloped in Ambiguity

In every corner of the world across every dimension of technology, there is an unprecedented growth in the users connecting to cyberspace. As the world’s use and reliance on cyberspace grows, so too grows our individual and global cyber vulnerability. In recent years, cybersecurity threats have accelerated and grown in significance, scale, scope, and sophistication. Protecting the critical infrastructure and data that underpin our financial markets, power grids, intelligence and defense systems, and which hold the intellectual property and private information of millions of businesses and individuals, has become a high priority albeit, efforts to improve the cybersecurity have fallen short due to a general inability to grasp the economic and psychological dimensions of the problem. We can summarize the circumstances surrounding cybersecurity today in one simple word, ambiguity.  There exists both a lack of understanding as well as an overabundance of inconsistent concepts of the below items: What is cybersecurity? What are its dimensions? How do you operate it? What does it deliver? How is it achieved? How is it sustained? What drives it? How is it measured? Who is involved? This ambiguity combined with today’s existing IT challenges and their inherit diversity in perspectives have forged a complex and nebulous cybersecurity landscape. Additionally, ever evolving advanced persistent threats, regulatory mandates, and complex business operations have driven most organizations to regard cybersecurity as an IT challenge for IT to solve. The truth is that cybersecurity is more than just an IT challenge, it is equally a human challenge, and an organizational imperative to protect customers, partners, competitive advantages, and shareholder interests. The reality we face in this dilemma is that until we understand cybersecurity’s many nuances (and I mean really understand) we will continue...
The 8 Hottest Security Jobs of 2015

The 8 Hottest Security Jobs of 2015

There is an unprecedented demand for highly-skilled professionals capable of building holistic programs, security into new and existing networks, assessing security on a real-time basis as new vulnerabilities are identified and disclosed, and acting as front-line defenders across various industries. Meanwhile, the number of entrants into the workforce has not kept up with this demand, leaving a significant gap in capacity to adequately protect businesses from attacks. At the same time, the lack of clarity and consistency in job profiles, competency models, skills assessment contribute to a sub-optimal deployment of these scarce resources. Openly Secure has built upon the work of previous efforts to identify and validate the hottest security jobs, the top eight list of roles define the apex of professional skill in the field:   1. Chief Information Security Officer (CISO) / Chief Security Officer (CSO)  A CISO/CSO is a C-level management executive whose primary task is to oversee the general operations of an organization’s IT security department and other related staff. The organization’s overall security is the foremost concern of the CISO/CSO. As such, persons who aspire to become a CISO/CSO must demonstrate a strong background in IT strategy and security architecture. 2. Application Security Engineer / Architect Application Security Engineer / Architect is a mid to high-level employee who requires the demonstrated technical abilities necessary to conduct operational testing of applications before initial deployment and as they are subsequently updated. Competence is assessed on the ability to identify the program avenues most riddled with flaws and holes that give malicious actors access to important content or systems. Applications from the web are particularly vulnerable to malicious exploitation, frequently infecting...
How Security Leaders Succeed

How Security Leaders Succeed

Security teams rely on the ability to learn skills and process information on-the-fly to meet expectations from stakeholders across the business and combat an ever evolving persistent threat. One of the critical contributors to any security program’s success is skill availability. While technical experts and vendors have done great work building cybersecurity solutions, a businesses security program is nothing without the right people and the majority of security professionals today struggle to justify their value to the business. Security represents a vague and fairly intangible field of work that cannot be quantified through profit margins and in the absence of compromise or breach businesses are prone to undervaluing their security program’s criticality to the business. And so it should come as no surprise that the most challenging and critical roles in security is being a leader. Security leadership (directors, security architects, managers, shift leads, senior analysts etc.) must be able to understand the larger picture, translate security into the language of the business, and hold some degree of deep technical knowledge matured over a long career. Throughout my career I have witnessed security leadership either succeed or fail based on how they maneuver through three very common pitfalls:   1. Disadvantageous Support The Security Leadership team has a responsibility to ensure that they are providing the appropriate level of training and mentoring to the younger and less experienced security professionals. They must be sensitive and actively aware when they reward, discipline, and/or punish any individual on the team. Too much discipline or punishment have a tendency to reduce the free thinking innovative environment that successful security teams depend on....

Share This

Share this post with your friends!

ENTER YOUR ACCOUNT
Remember Me
OPENLY SECURE SERVICES
CONTACT US
SIGN UP FOR EARLY ACCESS
REQUEST EARLY ACCESS