Thursday, April 21, 2016

A New Paradigm in Cybersecurity

James McFarlin

The wide majority of networks and applications powering American businesses, government agencies and military services are aging legacy systems in which security was not a primary design criteria - perhaps not a criteria at all.

With the massive worldwide growth of the Internet and the security risks which accompany this global net mean that we are now paying the price for this design omission.

Cybersecurity for these legacy systems is largely 'bolted on,' an arrangement which provides security ranging from marginally adequate to nonexistent - think the massive Office of Personnel Management (OPM) personnel information misappropriation and Sony Pictures Entertainment theft, system destruction and threats of extortion.

But technology is not the only force in cyber secure operations. Misdirected or lack of executive oversight is a major factor. A recent study, The Accountability Gap: Cybersecurity and Building a Culture of Responsibility, found that while chief information security officers are spending more time in front of boards, information exchange is too often truncated by both the lack of cyber knowledge among board members and the communication ineffectiveness on the part of the technical officers.

The study found the "inability of technical officers to quantify and convey the actual impact of a breach," which limits its importance to the C-suite executives making decisions on cybersecurity budgets and staffing.

Accountancy and consulting firm Deloitte believes the issue to be even deeper. With cybersecurity now affecting virtually all aspects of the organization,"increased focus must be given to addressing a cultural change in the organization." In this new paradigm, "An integrated risk philosophy is mandatory, where cyber risk management and technology must be on an equal footing."

Some organizations, however, have begun top define cybersecurity as a risk management function, thus forcing the viewing of cyber risks into business terms. For many, this is a major transformation which will not come easily.

How long will such alterations take? Cultural change is difficult. But the reality of today's world means cyber breaches will deliver not only financial costs, but risks in customer retention, potential damage to reputation, brands, and in some cases, interruption of business operations.

Addressed in this view, implementing a mindset which incorporates a paradigm shift in organization thinking has become essential and increasingly, urgent.

A recent cybersecurity assessment from accountancy EY placed the issue in perspective, advising that, in cybersecurity, "High alert must be your constant state."


  1. Cyberspace allows for a great deal of anonymity and attacks can be routed through servers all over the globe to mask its origin.cyber capabilities create an operational space in which nations can conduct (offensive) actions with less political law concerning on cyber operations is still a grey area.
    Essay writing service reviews

  2. What can you tell me about this POS system device?
    Leave your testimonial here please.
    It's very interesting for us to know what do you think!

  3. This is a nice and very informative information that you have written. Thanks for this. Regards Willie Phillips from

  4. cybersecurity risk management I want you to thank for your time of this wonderful read!!! I definately enjoy every little bit of it and I have you bookmarked to check out new stuff of your blog a must read blog!

  5. I think this is an informative post and it is very useful and knowledgeable. therefore, I would like to thank you for the efforts you have made in writing this article. 먹튀폴리스

  6. Techniques that provide hands-on experience with mitigating controls. This means you must learn real skills to handling breaches in security. cyber security training in hyderabad

  7. Thumbs up guys your doing a really good job. It is the intent to provide valuable information and best practices, including an understanding of the regulatory process.
    Cyber Security Course in Bangalore

  8. Very nice blog and articles. I am realy very happy to visit your blog. Now I am found which I actually want. I check your blog everyday and try to learn something from your blog. Thank you and waiting for your new post.
    Cyber Security Training in Bangalore

  9. I will really appreciate the writer's choice for choosing this excellent article appropriate to my matter. Here is deep description about the article matter which helped me more.
    Best Institute for Cyber Security in Bangalore

  10. Took me time to read all the comments, but I really enjoyed the article. It proved to be Very helpful to me and I am sure to all the commenters here! It’s always nice when you can not only be informed, but also entertained! 투데이서버

  11. Very nice article, I enjoyed reading your post, very nice share, I want to twit this to my followers. Thanks!. dpa course

  12. Much obliged to you for some other instructive site. The spot else might just I get that sort of data written in such a flawless strategy? I have an endeavor that I am basically now running on, and I've been at the look out for such information. cyber security consultant firm

  13. I am continually amazed by the amount of information available on this subject. What you presented was well researched and well worded in order to get your stand on this across to all your readers. kızılay ingilizce kursu

  14. Most of the modes for preparing for CCNA Certification - study guides, forums, online and classroom courses, etc., - give the students several CCNA tests to prepare them for the actual CCNA exam. CCNA Training in Pune