Cybersecurity is one of the 21st century’s highest in demand, yet least understood professions… right down to how it is spelled. Many define Cybersecurity as the practice of defending computers, networks and data from malicious attacks… and they are all WRONG!
Cyber is a relatively new prefix attached to terms that describe things made possible by technology: Cyberbullying, Cyberstalking, Cyberattacks, Cybertruck
Many define Cybersecurity as the practice of defending computers, networks and data from malicious attacks… and they would be wrong. This is the definition of IT Security, or Information Security.
Cybersecurity is the practice of defending people and businesses from malicious technological attacks.
Many try to use IT Security and Cybersecurity interchangeably, and this has been to our detriment.
All the sudden, firewalls became “cybersecurity appliances” instead of IT security appliances. Anti-virus software became “the first line of cybersecurity defense” instead of IT security software.
How did this happen? MARKETING GENIUSES!
They decided attaching “Cyber” to their products and services were much sexier than “IT”. This is much akin to when everything connected to the internet had the genius “I” in front of it: iMac, iTrade, iDrive
IT Security is a small component of Cybersecurity. It’s about 33% of cybersecurity, to be precise. It gets the most attention because its the sexy part that we see in the movies; ethical hackers, pen testing firewalls, etc.
The other 2/3 of cybersecurity is much less sexy, but I would argue are actually more important.
Case in point: Ethical hackers DO NOT resolve gaps in security. They identify weaknesses in the configuration and maintenance of systems.
The company’s IT Group is responsible for hardening and maintaining these systems. They are our first line of defense.
So how can we be sure the IT Group is doing what they say?
They need to be audited, which is our second line of defense. This line of defense is rarely used effectively. Let’s face it, IT Audit is not the sexiest profession, but it is absolutely CRITICAL to any cybersecurity program.
The third and last line of defense are the ultimate stakeholders / owners of the company. This is the Governance layer of the company. They ultimately set the tone for how seriously the company takes cybersecurity. They also have to ensure the IT Group and IT Auditors are in place and doing what they’re supposed to.
ANY COMPANY, NO MATTER WHAT SIZE, THAT IS NOT AUDITING THEIR IT GROUP IS GUARANTEEING THEY’LL BE HIT WITH A CYBER ATTACK.
Cybersecurity is the practice of defending people and businesses from malicious technological attacks. This practice involves 3 unique and independent layers of defense:
1. IT Security
2. IT Audit
3. IT Governance
--------------------
PLEASE SUBSCRIBE
As you can tell, I have a passion for helping families, small businesses and non-profits address their cybersecurity risks. In fact, that's the purpose of my YouTube channel! You’d be doing me a big favor by subscribing.
I’ve seen the devastating effects of cyber attacks on family-owned businesses first-hand. In 2020, my goal is to reach as many people as I can before the cybercriminals do… but goals without plans are just wishes.
I want to hit 1000 YouTube subscribers by the end of 2020 in order to spread my message far and wide. I post weekly videos on a variety of topics with a central theme of technology governance for laypeople. I figure this is the best way I can make a dent in the universe (for now).
This is an incredibly ambitious goal, so wish me luck and thanks again for your support!
----------------------
SOCIAL MEDIA:
FACEBOOK:
INSTAGRAM:
TWITTER:
LINKEDIN:
YOUTUBE:
MUSIC:
Blue by Roa Music
Creative Commons — Attribution 3.0 Unported — CC BY 3.0
Free Download / Stream:
Music promoted by Audio Library
========================
ABOUT GOVERNING GOLIATH
As a global cybersecurity risk management leader, David Allen King, has witnessed the devastating results of cyber attacks on family businesses, non-profits and entrepreneurs. Clearly, they need the most help. Something has to change...
Governing Goliath was created to coach families, non-profits and entrepreneurs on how to protect themselves against cyber attacks.
=====================
ABOUT DAVID ALLEN KING
David Allen King is a trusted advisor for enterprise executives, non-profits, and small business owners. David specializes in cybersecurity risk management, data breach & ransomware response and Payment Card Industry (PCI) compliance as a founding member of Cyber Support Alliance.
0 Comments