Explaining the challenges of Cybersecurity with simpler methods
Three jokes from our Cyberjokes blog posts, in bold:
**Hey! It compiles! Ship it!** (i.e. software is built fast to make money) Security is not on most programmers’ minds; deadlines are.
**The computer is mightier than the pen, the sword, and usually, the programmer.** (We need the computer and the Internet in 2016.)
**In order to understand recursion you must first understand recursion.** Understanding Cybersecurity is difficult, as sophisticated hackers take advantage of people who don’t understand it.
Explanation of recursion:
Recursion has something to do with infinity. I know recursion has something to do with infinity. I think I know recursion has something to do with infinity. He is sure I think I know recursion has something to do with infinity.¹
The above 3 jokes set up the reality of Cybersecurity. There is no such thing as 100% secure, since humans create software and we need to use the Internet in 2016 and beyond. But to understand Cybersecurity you must have a lot of IT knowledge, and that knowledge is too difficult to convey.
And the cartoons show that the weak link will always be humans in front of computers.
We only internalize what we understand – but hackers hack you no matter _your_ understanding.
All of us need to understand the problem of Cybersecurity and spend at least 10% of our time on it. Can we ever just not pay attention? I spent $X; why do we have to do more? I have a Next Gen firewall and Anti-Virus; why do I have to do more?
True Compliance requires a firewall and Anti-Virus. But Anti-Virus is not effective, and a firewall gives only so much protection.
A smattering of important posts in the past year:
Chip&Pin Credit Card Adoption 10 million merchants missing? http://oversitesentry.com/chippin-credit-card-adoption-10-million-merchants-missing/
Last week in June (06/27 – 7/1)
IoT Botnet Can DDoS Your Webserver http://oversitesentry.com/iot-botnet-can-ddos-your-webserver/ … 25000 CCTV devices attacking
2nd week in June (6/06 – 06/10): Cybersecurity & Internet: Too Complicated? http://oversitesentry.com/cybersecurity-and-internet-too-complicated/ Saying adware injection is no big deal is not good. #cybersecurity
Last full week in May (05/23 – 05/27), before Memorial Day – the post is actually at Fixvirus.com: https://fixvirus.com/ur-bases-belong-to-us/ Ur Bases Belong To Us
This week’s post (05/09 – 05/13):
http://oversitesentry.com/can-logs-be-changed-by-hackers/ Can Logs be Changed By Hackers?
Last week’s blogpost (05/2 – 05/6) – http://oversitesentry.com/new-pci-compliance-v3-2-now-published/ “New” PCI Compliance v3.2 now published
Do you have a 500barrel RiskGun or a 1000barrel RiskGun? http://oversitesentry.com/how-do-hackers-do-what-they-do/ …
#cyberrisk #cybersecurity problem
I Have Next Gen Firewall Safe Now Right? http://oversitesentry.com/i-have-next-gen-firewall-safe-now-right/ … PaloAlto
#cybersecurity research testing defenses
Compliance is not good enough – Here is a blogpost which reviews a WordPress plugin that was taken over by a hacker (3/10/2016) http://oversitesentry.com/dont-trust-and-verify/ Don’t Trust And Verify
If you updated the CCTM plugin at the incorrect time you could have an infected website (while ‘correctly updating’).
As we predicted in our Feb 29 blog post (http://oversitesentry.com/another-hospital-computer-system-down-due-to-ransomware/), more hospitals are being infected and taken down by ransomware (the latest is in Western Kentucky).
Get used to more of this:
Use the blog posts on this site to help you convince decision makers to take proactive steps.
To get some background info, check last year’s blog posts that discuss Cybersecurity challenges:
Review how bad it was in 2015: http://oversitesentry.com/criminal-hackers-got-your-data-in-2015/
Specifically, it can be done with only a single link: http://oversitesentry.com/a-single-link-can-destroy-your-data/
The criminal looks for the low-hanging fruit: http://oversitesentry.com/is-your-it-system-low-hanging-fruit-for-criminal-hackers/