Someone asked me this question few months ago, "Can you tell me in simple words, what is cybersecurity?". At that point, I thought everyone already had an idea what is cybersecurity. Hence, i went on to describe, cybersecurity is a human behaviour. It is nothing more than bringing this behaviour to social media platform and behave in a rather malicious manner. Because of this behaviour, usage of mobile phones are susceptible to data leakages, unauthorised access, identity compromised, and the list goes on. That person was confused and he went further to ask, is this nothing more than IT general controls then? My response was both Yes and No. I went on to elaborate that cybersecurity maybe found in ITGC or ITAC but it is much more because ITGC does not dictate how a person should behave with his personal devices and the same goes to ITAC.
In this post, I like to post my view of cybersecurity and cybersecurity as found in the google results - unauthorised access to any computing devices or being damaged or made unavailable. Using this definition, Cybersecurity comprise of "Confidentiality, Integrity and Availability" types of risks. Technology on the other hand, is really a risk on availability and less on confidentiality or integrity. But does that mean cybersecurity is a technology risk because it impacts availability? I believe many organization today have somehow figured that cybersecurity is and should be a business risk. However does that mean Chief Security Officers today should also be cybersecurity-skilled? The answer remains largely unknown but awareness of cybersecurity and its relevant cycles (threat, cyber kill chain) should be required.
In my personal opinion, Cybersecurity is Technology risk elevated or a product of evolved Web 5.0. Technology since its early days had began to consolidate time and space. Work pace has become faster due to technological improvements. Prior electronic mail, postal mail was the fastest known method to transmit large block of messages. Today, we have chat groups and gigs of data are transmitted daily. The presence of time and space have become blurred. Official work timing existed merely as a notational value to to calculate the salary cost entitled to an individual for exchanging his/her time to work. This simply means, everyone is network-ed and it is this network that enables cybersecurity to take place and causing wide impact. Consider the botnet network and the fundamental requirement is -> Network. Without magnitude of connections, botnet doesn't work as expected.
Hence business today must embed a cybersecurity function in its business process to ensure that the kill chain is stopped timely before an event take place. Why is this so? Because each cyber event has the potential to wipe off the entire assets of the business, considering that today's network transfer speed, in the past transferring 1GB of data takes hours. Today, its probably 1 minute. How much of money can be transferred in 1minute? :) Swift connection do its transaction in seconds. Hence, be ready for cybersecurity and it is no longer meant for gigs.
It is about YOU and ME.
In this post, I like to post my view of cybersecurity and cybersecurity as found in the google results - unauthorised access to any computing devices or being damaged or made unavailable. Using this definition, Cybersecurity comprise of "Confidentiality, Integrity and Availability" types of risks. Technology on the other hand, is really a risk on availability and less on confidentiality or integrity. But does that mean cybersecurity is a technology risk because it impacts availability? I believe many organization today have somehow figured that cybersecurity is and should be a business risk. However does that mean Chief Security Officers today should also be cybersecurity-skilled? The answer remains largely unknown but awareness of cybersecurity and its relevant cycles (threat, cyber kill chain) should be required.
In my personal opinion, Cybersecurity is Technology risk elevated or a product of evolved Web 5.0. Technology since its early days had began to consolidate time and space. Work pace has become faster due to technological improvements. Prior electronic mail, postal mail was the fastest known method to transmit large block of messages. Today, we have chat groups and gigs of data are transmitted daily. The presence of time and space have become blurred. Official work timing existed merely as a notational value to to calculate the salary cost entitled to an individual for exchanging his/her time to work. This simply means, everyone is network-ed and it is this network that enables cybersecurity to take place and causing wide impact. Consider the botnet network and the fundamental requirement is -> Network. Without magnitude of connections, botnet doesn't work as expected.
Hence business today must embed a cybersecurity function in its business process to ensure that the kill chain is stopped timely before an event take place. Why is this so? Because each cyber event has the potential to wipe off the entire assets of the business, considering that today's network transfer speed, in the past transferring 1GB of data takes hours. Today, its probably 1 minute. How much of money can be transferred in 1minute? :) Swift connection do its transaction in seconds. Hence, be ready for cybersecurity and it is no longer meant for gigs.
It is about YOU and ME.