Is Fear Holding Back a Next Generation of Cyber Security Approaches?

Next Generation of Cyber Security

As I walked through RSA last week, I was struck by the usual fear laden messages “You’re not safe and never will be but I (vendor) have a silver bullet that will protect you.” And, I wondered if this fear-based approach is deterring a badly needed next generation of cyber security approaches.

For as long as I have been in the security industry, the focus has been on selling fear and today that fear is firmly anchored around cyber attacks and what could happen when attackers compromise your network and get a hold of your data. As much as the specter of cyber attacks is real the paranoia and hysteria that accompanies it often gets in the way of finding real solutions. While there were some new and innovative technologies on show at RSA this year, many vendors are still touting yesteryear technologies and approaches.

Expanding Data Networks

cloud-it-comic-cloudtweaks-440

In the Workplace, digitization has changed how we work – it goes beyond the devices we use and where and when we work, and more to the tools and data and our interactions with a expanding networks of people and data. Yet, despite the fear around security breaches, there are few security approaches that truly focus on securing at the data layer with a contextual focus on people and the expanding number of applications in use today.

Digitization increasingly shapes our everyday lives. It’s changed how we manage our personal finances and how we form networks and connect with people socially. Yet despite much media hype around increasing cybercrime, approaches to staying safe online are seem lax compared to the precautions that people might take with their physical safety. For example, parents who would not leave their children unsupervised while outdoors will let young children play on Internet-connected tablet devices, without adequate safety precautions, potentially putting their children at risk at being exposed and in the longer term being exploited online.

So how do we usher in a next generation of cyber security approaches

  • Children need online safety programs as part of their curriculum. And, to do this successfully, requires that resources also be injected into teacher training and awareness of where to focus and how to make cyber security enticing.
  • Parents and families need to get involved. A key finding from a recent study Addressing Gender Gaps in Teens Cyber Security and Self Efficacy was that teen girls were likely to develop confidence and interest in cybersecurity through informal approaches. It’s a great opportunity for cybersecurity practitioners to become role models and mentors to a younger generation.
  • I noted earlier that many cyber security approaches lag as much as 10 years behind the business landscape. Overhauling industry approaches is difficult when approaches and toolsets have been in use for decades. That’s where reverse mentoring can play a role. Partnering with young people is not just about them learning from us; it’s about what we can learn from them.
  • It’s time to finally drop the fear-based messaging. That would help us focus on what really needs to be fixed versus exploiting fear.

By Evelyn de Souza

Sofia Jaramillo
Augmented Reality in Architecture Augmented reality (AR) is a growing field of study and application in the world of architecture. This useful tool can help us visualize architectural designs by superimposing them onto real-world scenes ...
Gilad David Maayan
What Is SSPM? SaaS Security Posture Management (SSPM) is a set of security tools that an organization’s security team can use to gain visibility and manage security for their Software as a Service (SaaS) applications ...
Dan Teichman
Cloud-Native Communications Historically, Communication Service Providers (CSPs) networks ran on purpose-built hardware. However, in the early 2000s organizations started to update their infrastructure, moving to virtualization. Now, providers are looking to take the next step, ...
Louis
Real-time Enterprise Software Data Enterprise software startups are capitalizing on real-time data to continually improve revenue, costs, cash flow, marketing, and sales as their business grows. The majority of software startup CEOs spoken with have ...
Episode 16: Bigger is not always better: the benefits of working with smaller cloud providers
The benefits of working with smaller cloud providers A conversation with Ryan Pollock, VP Product Marketing and Developer Relationships for Vultr.com - Everyone knows who the big players are in the cloud business. But sometimes, ...

SECURITY TRAINING

  • Isc2

    ISC2

    (ISC)² provides IT training, certifications, and exams that run online, on your premises, or in classrooms. Self-study resources are available. You can also train groups of 10 or more of your employees. If you want a job in cybersecurity, this is the route to take.

  • App Academy

    App Academy

    Immersive software engineering programs. No experience required. Pay $0 until you're hired. Join an online info session to learn more

  • Cybrary

    Cybrary

    CYBRARY Open source Cyber Security learning. Free for everyone, forever. The world's largest cyber security community. Cybrary provides free IT training and paid IT certificates. Courses for beginners, intermediates, and advanced users are available.

  • Plural Site

    Pluralsite

    Pluralsight provides online courses on popular programming languages and developer tools. Other courses cover fields such as IT security best practices, server infrastructure, and virtualization.