For any organisation above a certain size, effective and efficient protection can only result from the layered application of protective measures at people, process and technology level. And in that order.
Author: Jean-Christophe Gaillard
Taking a pure operational approach to cyber security fails because it downgrades a complex matter and negates its true dimension. It is not – and has never been – a purely technical problem.
Expert Contributor and cybersecurity specialist Jean-Christophe Gaillard highlights the instability of the current security landscape. Specifically, he delves into why cutting security spending to the ground in the midst of the COVID-19 crisis would be disastrous.
Nobody really knows what the “new normal” will be like and when – and how – the dust will settle. But it is hard not to see tech, security and privacy coming out stronger.
While this is better than doing nothing or relying blindly on the security of cloud providers, those externalised, part-time services – often delivered remotely – are rarely the magic bullet they pretend to be…
It does not make sense to oppose maturity-based approaches and risk-based approaches to cyber security: They are just different ways of managing, driving and measuring action around cyber security in different situations and different firms. One does not have to be superior to the other.