Cybersecurity is Enveloped in Ambiguity

Cybersecurity is Enveloped in Ambiguity

In every corner of the world across every dimension of technology, there is an unprecedented growth in the users connecting to cyberspace. As the world’s use and reliance on cyberspace grows, so too grows our individual and global cyber vulnerability. In recent years, cybersecurity threats have accelerated and grown in significance, scale, scope, and sophistication. Protecting the critical infrastructure and data that underpin our financial markets, power grids, intelligence and defense systems, and which hold the intellectual property and private information of millions of businesses and individuals, has become a high priority albeit, efforts to improve the cybersecurity have fallen short due to a general inability to grasp the economic and psychological dimensions of the problem. We can summarize the circumstances surrounding cybersecurity today in one simple word, ambiguity.  There exists both a lack of understanding as well as an overabundance of inconsistent concepts of the below items: What is cybersecurity? What are its dimensions? How do you operate it? What does it deliver? How is it achieved? How is it sustained? What drives it? How is it measured? Who is involved? This ambiguity combined with today’s existing IT challenges and their inherit diversity in perspectives have forged a complex and nebulous cybersecurity landscape. Additionally, ever evolving advanced persistent threats, regulatory mandates, and complex business operations have driven most organizations to regard cybersecurity as an IT challenge for IT to solve. The truth is that cybersecurity is more than just an IT challenge, it is equally a human challenge, and an organizational imperative to protect customers, partners, competitive advantages, and shareholder interests. The reality we face in this dilemma is that until we understand cybersecurity’s many nuances (and I mean really understand) we will continue...
Why You Should Focus On Database Security

Why You Should Focus On Database Security

Big data is on the rise and with it are the number of databases you’ll find in any given business. Data is the life blood of any business but nevertheless, It’s clear that most businesses today still manage database security by the seats of their pants. The majority of businesses do not monitor their databases at all and even more troubling, most don’t even know where their data resides. Before a business can protect its data, it has to know where it is but many security teams are finding it difficult to track their data across numerous disparate databases. Security must adapt to keep pace with the sheer volume of databases that are running these days by systematically monitoring their activity to truly gain visibility into who is accessing what data. The most common cause of database vulnerabilities is a lack of due care at the moment they are implemented. Although any given database is tested for functionality and sustainability, very few checks are made to check the database is not doing things it should not be doing. Many of today’s nastiest breaches occur at the hands of hackers who take advantage of database and web application vulnerabilities to break into sensitive data stores. Ultimately the weaknesses found in database security today is an administrative rather than a database technology problem. Security teams and database administrators need to develop consistent practices for looking after databases. Security controls such as, the segregation of duties, can make life much more difficult for insider threats. In addition, limiting and controlling administrator privileges can make attackers have to work that much harder to...

Share This

Share this post with your friends!

Remember Me