Experts inform us about the latest developments in the field of Cyber Security and where these developments might lead to, or not. Of course it is very interesting to follow these updates and opinions on the various channels but it is just as interesting to ask the community what they think is important Cyber Security wise. And what better platform to do so than using Twitter polls?
Question 1: What do you think could bring the most improvements in Cyber Security?
- Artificial Intelligence (22%)
- Blockchain (18%)
- Education and Awareness (54%)
- Other (please comment) (6%)
Although we are flooded with statements that blockchain is going to solve every issue we might have ever had, especially in cyber security, the participants in this poll clearly prefer Education and Awareness over any other option. The Human Firewall is as important as the technical means installed and it is satisfying to see that we understand the importance of education and awareness.
That hasn’t always been the case, and still too many companies and organizations don’t have an active training program for users and customers. If you want to find out more about the meaning and importance of the Human Firewall, make sure to grab a copy of the book The Human Firewall by Rob May and while you’re add it, you might as well follow him on Twitter, too!
Question 2: What do you believe will have the biggest impact on how companies and organizations improve their cyber security?
- Regulation by government (19%)
- Strategy by company/orgs (31%)
- Exposure by hacks (46%)
- Other (please comment) (4%)
This result is a bit shocking but also somewhat along the lines of what I expected. Companies and organizations simply don’t do enough to protect their information and infrastructure. And it is not getting any better. A recent study shows that telco providers are more concerned about exchange rate volatility than about cyber threats. Oh well, its only about the personal data of their paying customers… As if the Equifax data breach hasn’t shown what negligence will lead to, one way or the other. Shame on you, companies and organization! Your customers don’t trust you and assume you will only act on Cyber Security when your vulnerabilities are exposed by hacks!
Question 3: What do you believe is the best corrective action to improve Cyber Security for companies and organizations?
- Migrate to cloud (40%)
- Outsourcing security (20%)
- Increase woman/manpower (30%)
- Other (please comment) (10%)
There is a lot to be said for cloud services, and one of the advantages is having a professional service provider which offers the knowledge and technology to for Cyber Security, monitoring access and abnormalities, etc. For many companies, hiring Cyber Security experts and implementing security measures is a cost factor which exceeds the available budgets. In those cases, migrating to the cloud could be the right move to make. But… There is always a but! Cloud services can be just as vulnerable to sloppy behavior of employees and customers. Education is key, no matter if you are using in-house infrastructure, outsourced the management of your infrastructure or completely outsourced into the cloud.
PS: There is a great and funny anecdote about why we call the cloud “the cloud”, I will post that some other time.
The comments to these polls are very interesting so let me mention the once that drew my attention the most.
Saskia Coplans hit as home-run with just one word: Women! Yes, we need more women in Cyber Security, in tech, in STEM and we need equal pay and opportunities. And yes, women can quickly fill the growing gaps between demand and capacity. THANK YOU!
Kai Grunwitz commented “More than one item ⚠ Companies need to understand their risk profile based on their business, etc. Technology is only the final piece even while #blockchains will change a lot. 👉 Cybersecurity #Strategy first! Here ‘Awareness’ of risks and threats if if i have to pick one.” and there is very little that I could add to that. Kai also pointed out all the great opportunities that companies have but not use, like Gamefication of Cyber Security Training for example!
Jan Barbosa commented “Statistics show that human error is the number one reason for security breaches, would put my confidence first in #AI in addition to training employees. #CyberSecurity”. I consider it a very interesting concept to combine education and AI. This combination can be used both for training and detection. Thanks for the comment!
The person or team behind NexWebSites | Custom Software Developers commented “#CyberSecurity is a process, not a product. Any real-world system is a series of interconnections. Security must permeate the system: its components and connections. #Security is a chain; it’s only as secure as the weakest link.” Indeed! The weakest link determines the actual level of security. When we look at the history of hacks and data breaches, it is always the weakest link that is attacked first and never the hard target. In many cases the hack of the weakest link will provide access to the highly defended high value targets.
Thanks to everyone for participating and sharing these polls!