Cybersecurity Rant - Senselessly Repeating Mistakes
We often complain how tough cybersecurity is, yet we often make the same mistakes again and again. It’s true, cybersecurity is an unforgiving underdog of a situation that is complex, relentless, incredibly difficult to overcome, and often thankless. But we are not doing ourselves any favors by rinsing and repeating the same blunders over again. We must learn and get better so as not to repeatedly make the same mistakes. Several years ago, out of frustration, I created a class with LinkedIn Learning to call out the biggest systemic problems in cybersecurity with the hope that we could get better at avoiding such foundational face-plants.
Know what? The prevalence of those 5 issues have NOT CHANGED! We continue to stumble, repeat mistakes, and fail to learn from the lessons of people before us.
Top 5 Cybersecurity Organizational Mistakes:
1. Inexperienced Leadership - because a bad leader can undermine even the best team!
2. Deprioritizing Strategic Thinking – just running fast doesn’t mean you are heading in the right direction and being stuck in a firefighting mode, won’t ever get you ahead of the risks!
3. Failing to Optimize for Threats – “He who defends everything, defends nothing.” – Fredrick the Great.
4. Insufficient Organizational Teamwork – cybersecurity is not a solo act, success requires a group of heroes working together
5. Failing to Maximize Value – at the end of the day, cybersecurity is a function to protect and support the business – therefore we must maximize our value to justify the investment
We can’t make cybersecurity easy. There is no magic wand, innovative tool, or master playbook that will fix or ‘solve’ cybersecurity. But we can avoid many of the gator infested pitfalls if we simply learn to not make mistakes that are already well documented.
So, back to that class that is normally behind a paywall – I realized that as the author I have the ability to create a free access link (for friends and colleagues), essentially giving it away for free for a period of time (thanks LinkedIn Learning). So, let it be known that I consider all my 195k LinkedIn followers as friends or colleagues and am providing a free link to them:
https://www.linkedin.com/learning-login/share?forceAccount=false&redirect=https%3A%2F%2Fwww.linkedin.com%2Flearning%2Ffive-biggest-mistakes-of-cybersecurity-programs%3Ftrk%3Dshare_ent_url%26shareId%3DRh8x9g2LR46Rk51XOTyuRQ%253D%253D
No excuses! Take the free training, skim over the videos. Tell me what you think is missing. Share your insights. But let’s not keep making the same mistakes! Cybersecurity is already tough enough.
