Cybersecurity is Not Just a Technical Problem

Dateline: June 23, 2017

Welcome to our Friday WRAP – one thought-provoking idea to think about over the weekend.

Getting our hands around cybersecurity is a top priority for many executives.  CIOs and CISOs understand cybersecurity is more than a technical problem to solve.  Other C-suite executives are quickly coming up to speed, understanding that being cyber-resiliant is the responsibility of everyone in the company, not just the technical leader.  Recently Harvard Business Review published an article, Why is Cybersecurity so Hard, written by Michael Daniel, president of Cyber Threat Alliance (a cybersecurity information sharing non-profit) addressing this issue.  He suggests,

As long as we treat cybersecurity as a technical problem that should have easy technical solutions, we will continue to fail. If we instead develop solutions that address the reasons why cybersecurity is a hard problem, then we will make progress.

Instead, Mr. Daniel suggests 3 barriers to overcome:

  • It’s not just a technical problem (it incorporates aspects of economics, human psychology, and other disciplines)

  • The rules of cyberspace are different from the physical world’s (for example, in the physical world, crime is local — you have to be at a location to steal an object, so police have jurisdictions based on physical boundaries. But in cyberspace you can be anywhere and carry out the action, so local police jurisdictions don’t work very well)

  • Cybersecurity law, policy, and practice are not yet fully developed (internet and cyberspace have existed for only about 25 years and have constantly changed over that time period. Therefore, we have not developed the comprehensive frameworks we need)

Thinking more broadly about cybersecurity should illuminate alternatives to cyber-resiliency.  How can you increase cyber-resiliency of your organization?

That’s a WRAP!  Have a great weekend!

Speak Your Mind