I’ve never been short on names that have been used to describe me. Of all of them, “prophet of cyber-doom” might be one of the funniest. We are not in a funny situation however. It is clear that in the big picture, and when we review the constant stream of breach events that have been happening in cyber security, that we struggle with the current, broad generation of cyber threats. On to the cyber-doom – the next generation of cyber threats is already here, time is up, and there is nowhere to hide.

The signs are all around us. The truth of the matter is that money is not an issue, it is spent everywhere – cost is the issue. Industry reports peg the cost of a typical cyber breach that reaches into the millions of dollars per incident, and even more costs when accounted for by year. Brands and business can be devastated by this and so can the bottom line. The biggest problem in these situations is that companies are not fully prepared to stand up to the threats that exist out there.

The nature of this problem is systemic. The reason behind this seemingly helpless state is the real story of doom. Many companies simply don’t know what to do, how to prepare, and how to respond to cyber threats.  All the while, attacks become increasingly sophisticated with each passing day. Additionally, as we have witnessed in a number of major incidents, many threats are coming from within the breached organization.

Security is human

The human mind is designed to learn from experiences. Yet in many cases, we overcome that programming due to folly, ignorance, pride, and other reasons. There is no room for such failures when it comes to security. There is a vector in and a vector out of every infrastructure, and a way into every fortress. The weak link into that fortress may be people. It might be some flaw in the technology. It might be a combination of those two things, or something else, but in any case, vulnerabilities exist and you can be sure that someone out there or within is looking for it.

Security is a state of mind, and it is a principle. If you look at how a properly orchestrated plan addresses vulnerabilities and security at multiple levels, it should always include the task of instilling a security mindset very early in the process. This is one reason why from the earliest phases, my computer systems protection software, antivirus protection, was designed as it was. Computers were a new world then and the challenge existed in telling this world that there were threats out there. I continue to tell that message today.

The thing about this world of cyber threats that many are missing is that you cannot tolerate solitude when it comes to security.

• There cannot be just one security champion in an organization of any size
• There cannot be one department that stands alone on security within an organization
• Organizations must access the greater body of security awareness and knowledge
• Organizations can reach out to available professionals such as security researchers and other services
• You cannot build a secure environment that counts on one technical device (even if it promises to do everything)
• Individuals should have the full support of the organization on security matters, meaning tools, learning, and a culture

Culture, trust, education, awareness – these terms are commonly thrown about in the discussion of security. With any luck and a little bit of emphasis, hopefully this is not just lip service for those that receive this advice.

The next generation of cyber threat is already here, and it is evolving quickly in terms of scale, impact, and sophistication. It is a true shame when brilliant technologies are made futile by the disregard of the importance of how critical security is to business, which is exactly why we see these continuing failures and breaches. At every level of our infrastructure as a country and within every industry, there are gaps that can be reinforced by the simple knowledge of what security is and how it should be.

I urge leaders in the community to witness what is already here on the cyber threat front. More importantly, I urge mobilization to a safer, more secure ecosystem where security awareness and security are a part of the daily national conversation. Join me.

Find out more about my platform at www.mcafee16.com

Picture credit: Pixabay