In today's commodity-driven world, our collective society is constantly told what to buy: quick purchases that can solve all our problems with a single product. It's literally what the advertising industry is built on. Whether it's a quick-fix, money-making scheme, a new weight loss product, the latest in fashion trends—every product promises something nothing short of miraculous.
The question: Is the cyber security world any different? It's always easy to sell point solutions to address the challenge of the day, but as I've alway said about point solutions—it's not polite to point. Thinking that a single product will suddenly protect an organization from an army of cyber attackers just isn't feasible.
In our new world of always on and always connected, so too are the nefarious individuals who are constantly in the shadows trying to infiltrate every system possible: people behind the keyboards running the scams and taking advantage of everything they can. So if people are at the heart of the problem, so too must people be at the heart of the solution.
Like any business process management endeavor, there first needs to be a profound account of everything from corporate culture, to how people work in groups and the associated systems needed for divisions to do their jobs, how those systems and groups interact with other systems and groups and, of course, how individuals ultimately interact with other individuals and systems.
In short, placing people at the forefront of any cyber security solution is essential for success. It's at this stage where an intrinsic understanding of how people interact with each other and the organization creates the road map to success. Furthermore, it also creates the perfect opportunity to enable input from teams and individuals to ensure that new security measures don't actually hinder business—yes, that can happen.
By involving people in the initial phase of the project, educational factors can be addressed along with best practices, and more. Simply put, when everyone knows what is happening and is involved and engaged, the next step becomes far easier to implement and manage.
Once the human equation is addressed, the next logical phase is creating the process. By leveraging stage one findings—the human factors of business—processes become very clear as to what will work and, more importantly, what won't. And, again by garnering people's input early on, the mass adoption of new processes becomes far easier, eliminating everything from the simple ignoring of process, to the more dangerous aspects of bad or cumbersome processes that foster issues such as rogue IT.
Lastly, there is the product aspect of the entire initiative. Once the people and process aspects are solidified, choosing the right product becomes easy. It's simply a matter of best fit. And whether that’s based on something as simple as feature / function, to interface, and more, all of the heavy lifting as to what will work best has already been done. To put it simply, the people have spoken.
As the title of this article states, cyber security products don't actually do anything until configured properly to address people, process, and business needs. The idea of plug and play in any realm is never a good approach to solving a problem. But when the trifecta of people, process, and product is addressed in an appropriate manner and sequence, it's amazing what can be accomplished.[/et_pb_text][/et_pb_column][/et_pb_row][/et_pb_section]
décembre 14, 2021
LOG4j Vulnerability – What You Need to Know to Protect Your Network
This week, cybersecurity and IT teams around the world are scrambling to protect their networks and data from the Apache Log4j vulnerability. This high-risk vulnerability, which has the potential to affect millions of Java-based applications, is being actively exploited, causing a full-blown,...
octobre 28, 2021
Sacha Gera, President of IT and Cyber Solutions, weighs in on today's top cybersecurity threats faced by businesses.
The Ottawa-based leader and Forty Under 40 recipient has nearly twenty years of experience in SaaS industries, professional services and M&A, working in technology for both start-ups and large multinational organizations, such as IBM, Nortel and CGI. Sacha joined Calian in September...
Étude de cas | Covid-19 Response Services
Étude de cas liée à la pandémie de COVID-19
COVID-19 : Les ressources que nous offrons en matière d’intervention de crise