The Responsibility of Everyday Cybersecurity
Cybersecurity is a common word in today’s vocabulary. It seems you can’t go a day without hearing about some sort of data breach. While vulnerabilities exploited at the Office of Personnel Management, Target, Blue Cross and Blue Shield grabbed the people’s attention, the problem is still rampant today. Everybody has information needing protecting. It could be health records, financial information, intellectual property or a Facebook account. Everyone has a responsibility to practice cybersecurity.
Protecting your sensitive information seems a daunting task. It is not easy creating an impenetrable fortress against every threat, every hour of every day. There always seems to be an unseen foe able to find our weakest link. We improve our defenses. Our foe finds a different exploit. It seems like an endless cycle.
The challenge is recognizing the need to balance protection and accessibility. The conundrum is allowing the flow of information to appropriate individuals, while denying access to unauthorized people. Provide too much access and information ends up in the wrong hands. Provide too much protection and you create a self-denial of service. The difficulty is finding the sweet spot and staying there.
Allow me to try an analogy. What precautions do you take to prevent catching the flu each winter? How do you protect yourself from this virus? Do you get a flu shot? The health care and insurance industries have made it easily accessible to most people. Are you afraid you will be under the weather for a few days after the shot? Getting the flu shot does not guarantee preventing of the flu. Medical professionals claim the flu shot helps prevent contracting the disease. Yet, we must get the flu shot annually because the virus strain changes each year. The specific virus strain changes annually.
What other precautions do you take? Do you have a layered defense against the flu? Frequent hand washing is another recommendation from medical professionals. Limiting your exposure to sick people is yet another positive step toward flu avoidance. Yet, none of this guarantees you not getting the flu. I don’t know the success rate of living in a plastic bubble to protect yourself. However, my guess is it will prevent you catching the flu and dampen your social interactions.
My point is this, cybersecurity requires constant attention, due diligence and a layered defense. Performing all the right actions provides the best protection, but adversaries can still penetrate our fortresses. We all know the appropriate precautions to take, keeping up with patches, performing system backups, limiting access and ensuring those with access are who they say they are. These methods are tried and true. These techniques provide the necessary protection and maintain the appropriate accessibility to provide the needed service.
Use the 16th Annual Ohio Information Security Conference as an opportunity to get your annual cybersecurity flu shot. Think of it as your chance to learn the latest protection techniques. This is your opportunity to build your layered defenses. Together, our community can protect our vital information. Together we can build our impenetrable fortress.