As human beings, we make thousands of assumptions every day. It is our way of coping with situations we do not fully understand. It helps us bring conceptual order to chaotic combination of circumstances, like those we are experiencing in the cyber security industry.
Assumptions on a grand scale are myths that become integrated into the culture as absolute truth. When assumptions become a “truth” that is acted upon, the results can be disastrous. Ask the French who believed the Maginot Line was impenetrable to Germans. Or, the British, who assumed that American colonial soldiers were not a threat.
That’s why every now and then we need a reality check. As the science fiction writer, Isaac Asimov once noted, “Your assumptions are your windows on the world. Scrub them off every once in a while, or the light won’t come in.”
Last month, Steve Chabinsky, scrubbed our cyber security assumptions to shed some light on five of The Top 10 Cybersecurity Myths. He explains:
“We have been following the same cybersecurity approach, more or less, for over a decade. Yet, most everyone agrees that the problem continues to grow worse. Perhaps we are not on the right course. Maybe we are operating on false assumptions.”
How many of the Top Ten Myths are integrated into your cybersecurity approach? Read the following statements and answer true or false:
- Involving law enforcement in a breach will cause chaos for my organization.
- National information sharing is the key to reducing cybercrime.
- Cyber criminals mostly target large companies or organizations.
- Cyber security does not involve non-IT related company leadership.
- Vulnerability mitigation is the primary job of cyber security.
If you found yourself nodding yes to any of these points, myth has crept into your daily operational beliefs. Read the full articles by Steve Chabinsky in Security magazine: The Top 10 Cybersecurity Myths, Part 1 and The Top 10 Cybersecurity Myths, Part 2.