Guarding the Gate: Cybersecurity De-Mystified

With individuals, businesses and critical infrastructure increasingly becoming the target of cyber-attacks, cybersecurity today is a multifaceted challenge.

As the saying goes, “There’s more than one way to skin a cat.” And if the cat equates to preventing, detecting or discovering disruptive data breaches and determining the root cause, the vendor community has certainly come up with a plethora of options for enterprises as well as consumers – virus and malware detection, firewalls, penetration testing, vulnerability management, a long list of acronym-labeled tools like IDS, IDP, CASB, UEBA, SIEM, and DLP… with more on the way.

Some of these have proven effective, others less so, in protecting network infrastructure and digital assets. For example, most cyber security practitioners would admit that while SIEM tools have solved some problems, they have also introduced other unexpected challenges like false positives and alert fatigue.

Over the past few decades, cybersecurity seems to have evolved into a highly esoteric endeavor, shrouded in mystery, its practitioners functioning in a rarified atmosphere. It is true that developing cybersecurity tools and solutions is a very technical task that requires specialized knowledge. And it is without a doubt complex in nature. Yet rather than masking this complexity, vendors have allowed it to spill over into the buyer-side.

To de-mystify cybersecurity, the first question we should ask is, “What exactly is it?” The simplest answer is that cybersecurity consists of “measures taken to protect a computer or a networked computer system (i.e., on the Internet) against unauthorized access or attack.” But from that point, cybersecurity does appear to be very complicated. Let us count the ways.

The challenges of running an information security program in an enterprise can be overwhelming, with so many areas to address – from encryption, to application security, (Read more...)