Cybersecurity Is Not Important and Here’s Why
Cybersecurity Is Not Important and Here’s Why
#cloud services #cybersecurity issues #cybersecurity professional #personal information #cyber threats #cybersecurity events #data breach #cybersecurity culture #organizations risks #sensitive data
Yes, the title is provocative, but this is for a reason. What generated this idea that cybersecurity is not important was due to reading a provocative essay by University of Minnesota Professor Andrew Odlyzko entitled “Cybersecurity is not very important”1 I think this is a great idea to think about things from the polar opposite view because this is what helps and encourages out of the box thinking.
Security practitioners of all types know security of all is important, and today cybersecurity is quickly coming to the top of the list when it comes to types of security. However, it is equally important to know why it isn't. If this was written from a personal/relationship standpoint, I would hope communication, relationship and love are way more important than cybersecurity. If you are in a plane and it's going down, cybersecurity means very little. Understanding the context is key and having diversity of thought is a good idea. Diversity of laws and standards are not.
Cybersecurity is important because it covers everything that is related to the protection of our sensitive data, personal data (PII), protected health data (PHI), personal data, intellectual property, data and state and industrial information systems against theft and damage by criminals and opponents. If this was important to a company or organization, they would spend money on it, and lots of it to keep it safe. However, because cybersecurity not that important to organizational leaders, they spend money elsewhere. My guess is because executives feel the risk of cybersecurity increases due to global connectivity and the use of cloud services, such as Amazon Web Services, to store confidential data and personal data will solve their problem. Unfortunately, this can’t be farther from the truth, the cloud is a little more secure than most platforms, it is still insecure. The widespread inadequate configuration of cloud services in combination with increasingly sophisticated cybercriminals means that there is an increased risk that your business will suffer from a successful cyber-attack or breach of data security.3
Cybersecurity also includes the aspect in which networks which store personal and business information remain secure. The effects of information theft by hackers can include identity theft after losing millions of dollars in future product sales due to future projects being lost. Because cybersecurity covers the protection of such a wide range of digital resources, including data and information, systems, intellectual property, etc., cybersecurity needs to be in everything and everywhere. To do this, the cybersecurity as an industry also has created many different jobs and career paths.5 To think about this visually, cybersecurity is to commerce as salt is to the ocean. Cybersecurity is so engrained into an organization, system, product or solution, it becomes part of the environment.
To build such an environment, we need to build strong and resilient cybersecurity cultures which protects organizations against cyber threats and possible data breaches. To build these solutions, practitioners and leaders need to keep in mind the average cost of data breaches (which today is just under $4M USD per incident across the globe in 2019)10, loss of business projects, and greater vulnerability to future attacks which your business may suffer. When a breach occurs, some organizations are unable to recover. In cases where they are able to recover, their brand is often tarnished. By baking cybersecurity into an organization, the organization is ensuring their brand is not tarnished. By having a better brand reputation affords new business opportunities for clients who feel safe when working with a company which has invested in the safety of its people, products, solutions, and suppliers.8
Cybersecurity helps prevent data breaches, identity theft, and ransomware attacks, and supports risk management. If an organization has a strong awareness of network security and an effective incident response plan, it can better prevent and mitigate cyber-attacks. Keeping up with new technologies, security trends and threat information is a difficult task. Information security, which aims to ensure the confidentiality, integrity and availability of data, is a subset of cybersecurity. Best practices in cybersecurity can and should be implemented by large and small organizations, employees and individuals. One of the most problematic elements of cybersecurity is the constantly evolving nature of security threats and advanced persistent threats (APT). The traditional approach was to focus resources on key system components and protect against the largest known threats, which meant that components were not protected, and systems were protected against less hazardous threats.7
There are several reasons why a focus on cybersecurity and cybersecurity technologies will eventually undermine its protective capabilities. First, no company has all the resources to fix every cybersecurity problem, and not all patches are equally important. Unfortunately, there are many companies that skip the first stage of thinking about what are the key business activities that can be disrupted by cyberattacks, and instead focus on individual technologies to solve individual problems in their computer systems. Additionally, an organization can use all resources and significant resources to address these security vulnerabilities without ever solving the underlying problem of protecting the business activity from which computers originate.
Cybersecurity is a problem that is not well known to most people, but it has already become an obvious problem of personal and national security. In this article, I will explain why cybersecurity is important, what cybersecurity is, what risks nations, companies and individuals are exposed to due to their problems and challenges with cybersecurity, and what may lay the future for the industry.5
Some of the challenges the industries will face deals with their people. Cybersecurity practitioners will need to improve their soft skills. Soft skills are required because a cybersecurity career means having trusting conversations with employees in all business areas. Also, curiosity is a key element of professional success in the cybersecurity industry, because passionate cybersecurity specialists naturally want to know how it works. This curiosity is one of the ways a novice Cybersecurity expert can learn about the latest tactics, techniques, and procedures used by cybercriminals. After all, cybersecurity experts must be the best players in the team, not only in their organizations but also in their cybernetic communities if they are to collectively keep an organization safe.9
In cybersecurity, workplace culture plays an important role in the entire organization and its security situation. The culture of cybersecurity in the workplace is not just about enforcing rules without properly explaining and informing employees why – such as why they need to change passwords regularly. The culture of cybersecurity and instilling good cyber-hygiene in the workplace is not just about enforcing rules without properly explaining and informing employees that they need to change passwords regularly.8
Because cybersecurity attacks are seen at both corporate and federal networks, many laws and regulations may soon become a reality. If the provisions on cyber threats come into force, there is likely to be a serious problem with the security of the upcoming vote/electoral system and the devices to be used in the presidential election in 2020. Therefore, as new cyber threats emerge, organizations will need to intensify cybersecurity posture, policies and regulations.5
It is important for companies to identify emerging threats and use information about cyber threats from internal and external sources to better understand the likelihood and impact of cybersecurity incidents. An organization which analyzes their operating environment to determine the likelihood of a cybersecurity event and the potential impact on the organization is must more likely to survive. Knowing this, it is important for companies and organizations to identify emerging threats and use information about cyber threats from internal and external sources to better understand the likelihood and impact of cybersecurity incidents. 6
Cited Sources
1. http://www.dtc.umn.edu/~odlyzko/doc/cyberinsecurity.pdf
3. https://www.upguard.com/blog/cybersecurity-important
5. https://startacybercareer.com/why-is-cybersecurity-important/
6. https://www.apcointl.org/cybersecurity/apco-cybersecurity-resources/why-cybersecurity-matters/
7. https://searchsecurity.techtarget.com/definition/cybersecurity
8. https://securitytrails.com/blog/cybersecurity-culture
https://securityintelligence.com/posts/whats-new-in-the-2019-cost-of-a-data-breach-report/