A Posteriori Cybersecurity Knowledge
De-Google’ing Over Concerns of Privacy
Zen and the Art of Cybersecurity
Cry-key That’s a Big Gator
Your Passwords are Worthless
The Phenomenology of the Ghost in the Machine a.k.a. Spirit
Writing a monthly blog about cybersecurity sounds like a reasonably easy task. There are endless stories in the news about the latest breach. I am inundated (spellchecked that one) daily with vendors’ latest point product that are solving for the most advanced threats out there, both existential and pragmatic. All of my non-security peers discuss the topic of cybersecurity in every client meeting, whether the clients specialize in beverage label design, manufacturing widgets, cloud CRM, or development of apps that given the geolocation of the next catastrophe, predict the next put option to leverage. Cybersecurity is important, everyone is talking about it. But what can we do about it? Given, no matter what we implement or how much money we throw at it, we will still get hacked. There is no silver bullet.
In previous blogs, I spoke about integration, about fundamentals, and about a threat-centric approach. Each an important topic in themselves, but admittedly, very high level. When choosing a topic of conversation this month, rather than coming up with one that has a clever title and working backwards (like the brilliant ones above), I asked myself, what is the most important, most impactful, step I can take in order to protect the data in which I have access? As I write this, I do not know the answer to that question. After some reflection, knowing tomorrow is the deadline for this blog and I will be busy all day speaking with the options trader app developers, I have come up with the following two recommendations based on my own empirical evidence:
Do not use your work computer for personal use. Like, don’t even check your Gmail account.
Delete files and emails you no longer need. You really do not need the 2017 PowerPoint from marketing, “just in case”.
These are two recommendations that are easy enough to implement and I think can go a long way in contributing to your organization’s overall cybersecurity posture. Candidly, I think no explanation is needed about the benefit of adopting both of those propositions. As a dedicated Katalyst blog reader, you are brilliant and need no explanation. That said, I pose the question to you. . . in order to make this interactive and valuable to all who happen upon this blog.
What is the most important thing you personally can do to increase your company’s cybersecurity posture and prevent the next breach?
Reading time: 90 seconds