Content

Evolving a cybersecurity society 3.0

Cybersecurity is one of the greatest societal challenges of the 21st century. It transcends technology and affects our privacy, financial systems, health care, economy and the defense of our country. As technology advances at a quick pace, the world of global business and commerce transforms. The rapid technological revolution has, as a result, created new cybersecurity challenges.

As security professionals, it is our responsibility to clearly articulate and educate our employers, peers, business partners, clients and our society regarding information security. This is where we have failed. Very early in my career in information security (and blinded by my own ignorance and arrogance), I had little patience for clearly articulating and sharing the risks, challenges and solutions with my employers, peers, business partners and, least of all, with my friends and family. Life has a way of teaching us humility.

We can help our organizations by losing the technical jargon, and by being willing to share our passion for information security with people at all levels of our organizations. Security pros must abandon the ivory tower.

We, as security pros, must also find ways of clearly articulating and educating others regarding the importance that every person has in ensuring security and privacy in a digital community. People are the foundation of our society and the most important foundation in effective information security. We must invest in the future of our global village by investing in sharing our knowledge and our ethical commitment with people.

As someone working in the security field, I often read news stories regarding proposed or enacted cybersecurity legislation by the federal government or by the states. Political ideology aside, I believe legislators drafting or sponsoring cybersecurity legislation have honorable intentions for protecting our country's technology and critical infrastructure. The problem is that most legislators do not clearly understand the technical complexities and the business-process impact of cybersecurity across different industry sectors as well as across various organizations.

In addition, many times, we techies sit on the sidelines and wait for new regulatory compliance mandates to add to our workload. But, there are many things we can do as security professionals to expand the common body of knowledge of information security in our society. The most important question remains: Security professional, what will be your legacy to our 21st century society?

Jaime Chanaga formerly served as the chief information security officer for a health care organization.

Related

DevSecOps Scanning Challenges & Tips

There are many ways to do DevSecOps, and each organization — each security team, even — uses a different approach. Questions such as how many environments you have and the frequency of deployment of those environments are important in understanding how to integrate a security scanner into your DevSecOps machinery. The ultimate goal is speed […]

It Should Be ‘Cybersecurity Culture Month’

It’s Cybersecurity Awareness Month, but security awareness is about much more than just dedicating a month to a few activities. Security awareness is a journey, requiring motivation along the way. And culture. Especially culture.That’s the point Proofpoint Cybersecurity Evangelist Brian Reed drove home in a recent appearance on Business Security Weekly.“If your security awareness program […]

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.