Cyber Realities: Impacts of Cyber to Business

Introduction

This post stated out as a technical post about commonalities found in the field that vary based on business operating model, IT capability and vectors used by threat actors. Whilst writing this it led more into business leadership, governance and investment risks. How do these two subjects’ interface? Well to be honest they are the same thing from a different lens.

In this post we are going to look at:

Common Technology Deployment Models and the associated threats/risks/vulnerabilities
Common challenges I find in organisations
And finally, a question… is this the business outcome that you want

Architecture

The difference between what can be vs what often…

I’ve travelled all over the internet, I’ve worked with logs of organisations from banks through to small ISVs and one thing I would say is fairly universally true. What can be isn’t what is.

There’s a lot of different operating models and technologies in the world. There’s logs of differen’t specifics. This diagram here is not mean’t as a refrence architecture but more as an indicator.

There is also a massive reality people must understand, cyber good most definatley costs more at the point of deployment than cyber bad. Cyber bad’s ROI is truly variable and in mind mind is too hard to measure. For one org with cyber bad can experiance a significant breach (and cost) and another may have lady luck on their side.

Guides

What do you need to be Cyber Leader?

Introduction

What does it take to be a cyber leader? How do we address a broad challenge we have in today’s business world?

There are a huge number of organisations whereby the leadership do not have domain expertise in cyber and related disciplines. There are decision makers who are having to best guess. On the other end of the spectrum, we have thousands and thousands of people trying to “break into cyber” yet they face largely insane entry requirements with the forementioned adding things to junior and entry level role which include:

Must have a CISSP (CISSP requires 5 years’ experience and is an Information Security certificate that is very broad and not very deep, it also covers a range of areas that in my opinion aren’t even required for many cyber security capabilities inside organisations)
Must have a Certified Ethical Hacker (this exam includes remember historic malware dates, is that really what we need from our leaders?)
Must have a very large level of experience of be from an existing cyber role

Defense

Why are ransomware attacks so devastating? – Part 1

Introduction

“Ransomware is a major issue!”

Hang on maybe we need to re-phrase that:

“Weak security postures are a major issue!”

or perhaps.. why not both!

I’ve been working with digital technology management for over 20 years, I started out when I was a kid (literally) fixing people’s PCs in their offices, removing malware, improving configurations, writing batch file menus, and playing games. As time has gone on technology has shrunk and continually become more and more of our everyday lives.

Back in 2003 I responded internally to MSBlaster, an SMB worm that had a devastating effect for the time, by today’s standards it was child play, however I remember saying “it’s a good job it didn’t delete everything whilst it was here.” (Or something very similar. Post NACHI/Blaster my friends and I were talking about how worse it could get. Fast forward in time and it’s much worse. Yet when I look at networks, they don’t look very different to how they did back in the 2000s.

Despite a multi-billion-dollar cyber security industry, it seems daily that organisations are succumbing to “cyber-attacks” which commonly include ransomware. Why are they successful and why are they so impactful? Well, let’s take a look! Read more “Why are ransomware attacks so devastating? – Part 1” →

Defense

5 Major Challenges with Business Digital Security

This is not meant to be an essay, but simply a rapid-fire view of things that I see that are major challenges with digital security in today’s age. So, without any further delay let us hit it:

Defense

Routine Security Governance and Management Activities you should plan…

Security Planning 101

I have been thinking about how organisations manage (or do not manage) their security postures from both a governance and management point of view. To help organisations that are just starting on their security improvement journey I thought I have put together a list of activities they may want to have in a forward schedule document (you could even call it a roadmap). It is not going to be all things to all people and different organisations and markets will have different requirements.