Pawan Chawla, CIO & Partner, Lucideus
Cybersecurity is an occurrence representing a complex socio-technical challenge for an organization but requiring the involvement of individuals. Although cybersecurity is one of the most important challenges faced by an organization today, the visibility and public awareness remain limited.
Challenges around cybersecurity are not new and have actually been around since the beginning of computing. However, it is now a topic that everyone talks about today. It is a board, public safety, livelihood, and a personal topic. Now, we need to effectively address industry challenges to preserve the computing environment in the future.
Today, most cybersecurity efforts are focused on what is referred to as the “EMR” model of educating, monitoring, and remediating.
This approach is effective but is essentially like the game of “whack-a-mole,” where the core underlying risks and issues are never solved and keep popping up.
While EMR is essential, the innard foundation of a secure and virtuous computing experience requires being more proactive. Proactive means ongoing, real-time, continuous self-testing and self-assessment a focused education as it pertains to best practices. This, combined with a continued evolution in the new technologies, will help mitigate and ensure more trust in the future. Still, it will be very difficult to solve all cybersecurity challenges due to the technical dependencies that exist and will exist for the immediate future.
Safe and secure computing can occur with a connected, comprehensive approach to security hammered in each of the leading digital disruption bars, from the Internet of Things, to conversational artificial intelligence, to blockchain and distributed ledger technology, to wearables and mobility. Industry focus, industry standards, close adherence to best practices, and the constant ability to randomize to protect digital identities is on the horizon and needs to continue to gain acceleration.
However, first and foremost, security best practices begin at the code level. As software engineers and as an innovation industry, we must make sure this is well-executed in each and every opportunity we have.
The intangible nature of cybersecurity, the socio-technical dependences, the ambiguous impact and contested nature of fighting cybersecurity all make it a challenging area for policymakers. Cybersecurity can be framed in different ways, having different effects on people.
The following strategies can offer a better way to frame cybersecurity:
- do not aggravate cybersecurity
- make it clear who the villains are
- give cybersecurity a face by putting the heroes in the spotlight
- connect cybersecurity to values other than security alone
- personalize the message for easy recognition and
- connect to other tangible and clear issues.
Web for Lucideus: Click here