Cybersecurity’s importance is now more vital in 2022
Every day we hear how important cybersecurity is or how important it is to “increase your security posture.” But as technology changes and encompasses more of our lives and businesses, the scope of what cybersecurity is grows and the actual meaning starts to become ambiguous.
In the early 2000s, cybersecurity for most businesses was straightforward. Most of a company’s data sat on physical servers in their office or in file cabinets and were protected by a modest firewall, some antivirus software, a basic spam filter, etc. As long as you patched your systems regularly, most businesses were in a reasonable place.
In 2022, we live in a different world. Cybersecurity has become a complex, cross-functional segment of a business, not just something that the IT department has to deal with.
So what exactly is cybersecurity in 2022?
The size and complexity of a cybersecurity program will change based on the organization but all of them will have the same fundamental goals that are collectively known as the CIA Triad.
Confidentiality: Making sure only those who are authorized to access information can do so.
Integrity: Ensuring data has not been tampered with and can be trusted as authentic and reliable.
Availability: Ensuring systems are running and data is available when they are needed.
To accomplish these goals, modern cybersecurity programs now include:
“Blue Teams” who are responsible for:
- Vulnerability and Patch Management programs to ensure all software and hardware is kept up to date in order to remove known flaws that would allow an attacker to circumvent security settings.
- Security Operations Centers (SOC) that keep eyes on all digital assets around the clock and investigate anything that looks suspicious.
- Incident Response teams to scope, contain, eradicate, and recover from breaches.
“Red Teams” who are responsible for:
- Penetration Testing, where specially trained security experts do their best to break into their own company’s network to look for flaws the blue team may have missed.
- Attacker Emulation programs, which simulate the tactics and techniques attackers commonly use, to test monitoring defenses.
- Phishing Tests to try and trick employees into clicking on malicious links in emails.
- Social Engineering to try and exploit the human element of a business’s security strategy.
In addition to blue and red teams, Compliance and Governance teams ensure that data is handled in a manner that is in alignment with federal and state laws like General Data Protection Regulation (GDPR) and Health Insurance Portability and Accountability Act (HIPAA) as well as industry-specific requirements like Payment Card Industry – Data Security Standard (PCI-DSS).
With the rapid adoption of cloud-based technology and infrastructure, these teams are now responsible for the security of more information that’s stored in more places and needs to be readily available. They are also faced with highly sophisticated attackers that range from lone hacktivists looking to get their message out to the world, often via defacing websites or other digital assets, as well as organized crime segments using things like ransomware for financial gain, to state-affiliated actors looking for information or even inflict damage on physical infrastructure. Sometimes there’s a mix of the three.
The challenges of 2022 are significantly greater than even just 10 years ago and only seem to be getting more complex. While not all businesses need all of the items mentioned above, all businesses need some form of cybersecurity today, and it is vitally important that they begin to address these challenges.
# # #
Jordan Silva is senior manager of service delivery at Hawaiian Telcom. Reach him at email@example.com.
© Honolulu Star-Advertiser
Visit this article in the Star-Advertiser.