DailyPost 2874
CYBER SECURITY – STAKEHOLDERS VIEW
The oft repeated question in today’s management parlance is whether we are on the same page? A reply to this question in the affirmative means that at least the problem or the issue is understood correctly and action as warranted can be proposed thereupon. There is general acceptance of the fact that, ‘Hacking is the new normal,’ but the challenge is different to force an action; do we understand cyber security and its nuances in unison. That is not the case, and hence there are serious fault lines from the starting point itself.
The stakeholders are precisely facing this predicament. For the adversaries and the threat actors the general presumption is that everything is hackable. The legacy and the technical expertise and execution has substantiated the same. What makes it even more quixotic is the entry of the nation states. They also feel the same but their operative modalities are different. They can organise much higher levels of resources and can task large organisations in a collaborative mode. It can include both the state and non-state actors working in tandem to achieve the goal.
Radically opposite is the stance taken by the cyber security companies that foolproof security can be provided. While on any public platform they would accept the fact that foolproof security cannot be provided, but once they get into the selling pitch, they leave no stone unturned to make the customer feel confident that they would deliver the moon. An ignorant customer is gullible. Just imagine the nature of risk which is being put under the carpet. By the time you realise the hollowness of their claims, the damage is done.
The customer while being at the receiving end has decided not to change his habits, He has decided to outsource cyber security and be at peace. No security can ever be fully outsourced, least of all would be cyber security, where user behaviour and lack of cyber security culture accounts for 80% of the hacks. The user is just not ready to take security overload, he feels he is completely drowned in his work and does not have either the attitude or the expertise to take some positive action with regards to it. Back to nation states, it is just a tool for them, least realising that same is being used against them as well.
WITH A BROKEN AND VITIATED STAKEHOLDER UNDERSTANDING, CYBER SECURITY IS BOUND TO BE ON CRUTCHES FOR LONG TIME TO COME.
Sanjay Sahay
Have a nice evening.