Cyber security problems (and our reactions to them) have been developing for decades.
Step back and think about all of your information technology concerns: Chances are you’re running servers that are under capacity; operating systems that haven’t been updated; systems that have been developed in-house but are no longer supported; unmaintained websites; a mess of shared folders used for ad-hoc file sharing; shared administrative logins and passwords.
Perhaps you recognize some of these issues; maybe you recognize all of them. These issues create an environment primed and ready for a cyber security breach.
The calibre of hackers has increased, and the motives of some hackers changed: From curious research, to espionage and malicious damage. The easy accessibility and connectivity of these Internet-connected computers turned from virtue to liability, almost overnight.
IT isn’t the strong suit of most businesses. Furthermore, IT resources are often stretched, so allocation of resources to anything other than a crisis just doesn’t happen.
In addition, the lack of security focus in businesses and organizations is a real problem. At the moment, we seem to be happy to turn a blind eye to security breaches.
We collectively allow incidents to occur, and apologise for the consequences later. This lackadaisical acceptance of mediocre security feeds back on itself by reducing security through inaction and rewarding hackers with easy targets.
Regardless of the IT and cyber security expertise you enlist, you will ultimately be responsible for the broad security policy decisions that underpin your business processes. Adapted from Computer world. Read More