4 answers
4 answers
Updated
Aisha’s Answer
Hello Roger,
The dynamic nature of technology and cyber threats means that the primary concerns in cybersecurity are always shifting. However, there are several enduring issues that need to be addressed:
Cyber Attacks: Advanced cyber attacks, such as malware, ransomware, phishing, and DDoS attacks, are a constant threat to individuals, businesses, and governments across the globe.
Data Breaches: Data breaches can reveal sensitive data, including personal information, financial records, and proprietary knowledge, potentially leading to identity theft, financial losses, and damage to reputation.
Software and System Vulnerabilities: Weaknesses in software and systems, which are often exploited by cybercriminals, underscore the importance of strong security measures, prompt patching, and secure coding practices.
Insider Threats: Insider threats, whether deliberate or unintentional, can lead to data leaks, sabotage, or unauthorized access to sensitive data.
Cybersecurity Awareness Deficit: A lack of knowledge about cybersecurity best practices leaves many individuals and organizations susceptible to social engineering attacks and other cyber threats.
Shortage of Cybersecurity Skills: The global lack of trained cybersecurity professionals makes it difficult for organizations to sufficiently safeguard their systems and data.
Security Solution Complexity: The intricacy of security solutions and technologies can present obstacles in their implementation, management, and interoperability, resulting in gaps in cybersecurity defenses.
The dynamic nature of technology and cyber threats means that the primary concerns in cybersecurity are always shifting. However, there are several enduring issues that need to be addressed:
Cyber Attacks: Advanced cyber attacks, such as malware, ransomware, phishing, and DDoS attacks, are a constant threat to individuals, businesses, and governments across the globe.
Data Breaches: Data breaches can reveal sensitive data, including personal information, financial records, and proprietary knowledge, potentially leading to identity theft, financial losses, and damage to reputation.
Software and System Vulnerabilities: Weaknesses in software and systems, which are often exploited by cybercriminals, underscore the importance of strong security measures, prompt patching, and secure coding practices.
Insider Threats: Insider threats, whether deliberate or unintentional, can lead to data leaks, sabotage, or unauthorized access to sensitive data.
Cybersecurity Awareness Deficit: A lack of knowledge about cybersecurity best practices leaves many individuals and organizations susceptible to social engineering attacks and other cyber threats.
Shortage of Cybersecurity Skills: The global lack of trained cybersecurity professionals makes it difficult for organizations to sufficiently safeguard their systems and data.
Security Solution Complexity: The intricacy of security solutions and technologies can present obstacles in their implementation, management, and interoperability, resulting in gaps in cybersecurity defenses.
Edmond Momartin ☁️
Public Cloud Security & Compliance AT&T | MBA InfoSec | OWASP-LA Board
75
Answers
Updated
Edmond’s Answer
Issues facing cybersecurity are fundamentally the same as in any other discipline and it really depends on who you ask and the context, but primarily, it comes down to reducing risk to an organization and protecting its assets.
If you want to understand typical challenges that cybersecurity teams face, read through the "Career Options" section of https://niccs.cisa.gov/education-training/cybersecurity-students. That would give you a good idea of all the different roles that are out there and possible tasks.
Seng (who replied to your question) believes change management is the key issue. From my perspective, the biggest issue is to ensuring 'security' is super-easy for a user, for another it might be ensuring all data is encrypted and only authorized users can gain access, etc.
If you want to understand typical challenges that cybersecurity teams face, read through the "Career Options" section of https://niccs.cisa.gov/education-training/cybersecurity-students. That would give you a good idea of all the different roles that are out there and possible tasks.
Seng (who replied to your question) believes change management is the key issue. From my perspective, the biggest issue is to ensuring 'security' is super-easy for a user, for another it might be ensuring all data is encrypted and only authorized users can gain access, etc.
Updated
Seng’s Answer
The most significant challenge in cybersecurity is managing change. Every IT environment or system that's worth its salt is dynamic, always evolving and adapting. Therefore, the key is to establish a robust system and process that can efficiently control and monitor these changes in the environment or system.
1) How can you ensure that the changes implemented won't negatively impact cybersecurity?
2) What's the process for reversing changes if needed?
3) What measures are in place to spot and flag unauthorized changes?
4) How can you reverse or isolate these unauthorized changes when required?
The second biggest problem is making assumption that nothing can go wrong. The Titanic tragedy is a stark reminder of this. Many lives were lost because it was assumed that the Titanic was unsinkable, and therefore, there was no need for enough lifeboats for all passengers. This assumption led to a higher death toll when the unthinkable happened, and the Titanic sank. So, always be prepared and never underestimate the importance of cybersecurity.
1) How can you ensure that the changes implemented won't negatively impact cybersecurity?
2) What's the process for reversing changes if needed?
3) What measures are in place to spot and flag unauthorized changes?
4) How can you reverse or isolate these unauthorized changes when required?
The second biggest problem is making assumption that nothing can go wrong. The Titanic tragedy is a stark reminder of this. Many lives were lost because it was assumed that the Titanic was unsinkable, and therefore, there was no need for enough lifeboats for all passengers. This assumption led to a higher death toll when the unthinkable happened, and the Titanic sank. So, always be prepared and never underestimate the importance of cybersecurity.
Updated
brian’s Answer
In my view, the primary challenge in cybersecurity lies in the human interaction with IT systems. It's crucial that this interaction is deliberate, knowledgeable, and accountable.
Deliberate interaction means using the service as intended, with a clear understanding of its capabilities and limitations.
Being knowledgeable requires awareness of one's responsibility in maintaining and using the technology as it was designed.
Accountability involves not misusing the technology to cause harm or loss to others. It also includes knowing how to protect against malicious individuals who misuse IT systems.
While there are numerous secondary issues in cybersecurity, I believe they pose less of a threat than the problems that can and should be addressed through proper human use of technology.
Deliberate interaction means using the service as intended, with a clear understanding of its capabilities and limitations.
Being knowledgeable requires awareness of one's responsibility in maintaining and using the technology as it was designed.
Accountability involves not misusing the technology to cause harm or loss to others. It also includes knowing how to protect against malicious individuals who misuse IT systems.
While there are numerous secondary issues in cybersecurity, I believe they pose less of a threat than the problems that can and should be addressed through proper human use of technology.