2 min read | November 7, 2019 | Bill Dunnion
Your Cyber Security products don't do anything
In today's commodity-driven world, our collective society is constantly told what to buy: quick purchases that can solve all our problems with a single product. It's literally what the advertising industry is built on. Whether it's a quick-fix, money-making scheme, a new weight loss product, the latest in fashion trends—every product promises something nothing short of miraculous.
The question: Is the cyber security world any different? It's always easy to sell point solutions to address the challenge of the day, but as I've alway said about point solutions—it's not polite to point. Thinking that a single product will suddenly protect an organization from an army of cyber attackers just isn't feasible.
In our new world of always on and always connected, so too are the nefarious individuals who are constantly in the shadows trying to infiltrate every system possible: people behind the keyboards running the scams and taking advantage of everything they can. So if people are at the heart of the problem, so too must people be at the heart of the solution.
Like any business process management endeavor, there first needs to be a profound account of everything from corporate culture, to how people work in groups and the associated systems needed for divisions to do their jobs, how those systems and groups interact with other systems and groups and, of course, how individuals ultimately interact with other individuals and systems.
In short, placing people at the forefront of any cyber security solution is essential for success. It's at this stage where an intrinsic understanding of how people interact with each other and the organization creates the road map to success. Furthermore, it also creates the perfect opportunity to enable input from teams and individuals to ensure that new security measures don't actually hinder business—yes, that can happen.
By involving people in the initial phase of the project, educational factors can be addressed along with best practices, and more. Simply put, when everyone knows what is happening and is involved and engaged, the next step becomes far easier to implement and manage.
Once the human equation is addressed, the next logical phase is creating the process. By leveraging stage one findings—the human factors of business—processes become very clear as to what will work and, more importantly, what won't. And, again by garnering people's input early on, the mass adoption of new processes becomes far easier, eliminating everything from the simple ignoring of process, to the more dangerous aspects of bad or cumbersome processes that foster issues such as rogue IT.
Lastly, there is the product aspect of the entire initiative. Once the people and process aspects are solidified, choosing the right product becomes easy. It's simply a matter of best fit. And whether that’s based on something as simple as feature / function, to interface, and more, all of the heavy lifting as to what will work best has already been done. To put it simply, the people have spoken.
As the title of this article states, cyber security products don't actually do anything until configured properly to address people, process, and business needs. The idea of plug and play in any realm is never a good approach to solving a problem. But when the trifecta of people, process, and product is addressed in an appropriate manner and sequence, it's amazing what can be accomplished.
December 9, 2022
Calian IT and Cyber Solutions once again listed on the Houston Business Journal’s 2022 Largest Houston-area Cybersecurity Companies List
Calian IT and Cyber Solutions (ITCS), a leading provider of IT and cybersecurity services for enterprises across the United States for the last 40 years, was again listed on the Houston Business Journal’s 2022 Largest Houston-area Cybersecurity Companies List - a fourth...
November 30, 2022
Calian Receives Cisco Regional Partner of the Year Award: TAO at Cisco Partner Summit 2022
At Cisco Partner Summit 2022, Calian was honored with the Cisco Regional Partner of the Year Award for its innovation, leadership and best practice as a Cisco business partner across Texas, Arkansas and Oklahoma.
November 3, 2022
In Case of Emergency… Have a Plan
When an emergency occurs, it’s too late to plan or rehearse the response. Fires, floods and other disasters don’t pause while you get ready to address them. Policies, plans and procedures for response must be in place long before they are needed.