Home

What's missing from the cybersecurity conversation today?

We've spoken about cybersecurity in the context of individual risks, the way that a gullible individual is a risk to their organization. But there are folks who can surveil vast numbers of us and do cool things, like Google, Facebook or your carrier. Those companies know a ton about you that hasn’t been discussed at all. Right now there's very little that we can do as individuals in IT, but I think it's important that we start to think about what we can do collectively. GDPR is a wimpy, too late approach and it's very individual. But there are important things that you can gather from surveillance.

Anonymous Author
We've spoken about cybersecurity in the context of individual risks, the way that a gullible individual is a risk to their organization. But there are folks who can surveil vast numbers of us and do cool things, like Google, Facebook or your carrier. Those companies know a ton about you that hasn’t been discussed at all. Right now there's very little that we can do as individuals in IT, but I think it's important that we start to think about what we can do collectively. GDPR is a wimpy, too late approach and it's very individual. But there are important things that you can gather from surveillance.
2 upvotes
Anonymous Author
... there's lots of the "cool stuff" being talked about and being focused on (eg. various flavors of AI in the context of cybersecurity) but still, there's a big gap and opportunities for improvements when it comes to the basics like: # system patching, user education to combat social engineering, common sense processes/procedures, proper authentication and user credentials best practices, etc. etc. # another one of my "favorites": lack of appropriate "business continuity" strategy and practices. DR isn't business continuity, there's no one-size-fits all and how much did we conserve or learn from what the pandemie did to the majority of businesses who just ignored BC?
2 upvotes
Anonymous Author
When a foreign cybersecuirty attack is considered to be act war or aggression and is acceptable to use conventional methods of eliminating the threat. With the latest ransomware attacks on critical infrastructure this conversation is needed
0 upvotes