/* ---- Google Analytics Code Below */

Friday, April 17, 2020

Cybersecurity Risk

Advancing for some time now,  but at least we should be able to assemble defenses for the inevitable?

Why Is Cybersecurity Not a Human-Scale Problem Anymore?
By Gaurav Banga
Communications of the ACM, April 2020, Vol. 63 No. 4, Pages 30-3410.1145/3347144

Rarely a day goes by that we don't see news about the poor state of affairs in cybersecurity. From data breaches at Target, the U.S. Office of Personnel Management, Sony, Disney, Yahoo!, Equi-fax and Marriot, the drumroll continues unabated. We are now in a world, where it's a matter of when, not if, an organization is compromised by a cyber-attack.

Most of us think of cybersecurity as a series of controls (tools and knobs) that an organization has to implement, and it seems perplexing why cyber-defenders in the situations mentioned here failed to take the necessary steps to protect themselves. Our focus on addressing cybersecurity challenges has been around inventing new controls (or enhancing existing ones) and implementing them correctly in the enterprise. This is an inadequate view.  ... ." 

No comments: