Let’s face it – you could be forgiven for thinking cyber security is boring - It's not...
...but you could be forgiven for thinking it is!
As a rule, those who get excited about cyber security and information security are a rare and valuable breed – these disciplines ensure information, systems, and the people dependent on them are secure in all manner of ways. Often, in an advocate’s eagerness to convey the message, the meaning can get lost in translation, leaving others confused, bewildered and, sadly, ‘bored’ by what is a compelling and exciting subject.
Do you know what your Cyber Security issues are?
Be honest. Do you actually know what your cyber security problems are? What all those tiny risks and combinations of multiple threats can expose us to? What we want is a trusted system that protects us, our information and what we want to achieve – but do we know what it takes to do this in the face of deliberate or accidental cyber-attacks?
In ignorance, organizations have turned to suppliers of cyber security solutions, often handing over vast sums of money in the vain hope that the sea of expert faces presenting solutions to them on a PowerPoint will somehow ease the impending threat of an attack and make the problem (that they are not so sure about) go away. Some imply scaremongering outcomes; others remind us of eye-watering fines. We see breaches that bring corporations to their knees and reputations lost in a quagmire of damning headlines about personal data being shared and CEOs being duped – there is a lot of opportunity to elicit a knee-jerk reaction and encourage a ‘fix everything for me, no matter the cost’ response.
How do we know where to start?
Here’s the thing … Think about your personal health. There are thousands of things that could be wrong and there is a specialist for each and every condition you could have. But you don’t go straight to a specialist because there are essential checks (against known measures) that, in general, rule out the most common problems as well as highlight areas of recognized concern. These can be done by visiting your GP for a health check. If you attend regularly, the likelihood is that any serious conditions will be identified. At the point of spotting an anomaly, you would be referred to a specialist who could look further into the issue (hopefully at speed as they have the background details already).
Taking this analogy and applying it to cyber security – of course you can go and spend precious time and money visiting specialists for every potential problem (and I dare say achieve a few false positives along the way to get your heart racing and your pockets emptied) … Or you can visit your GP, who will advise you to keep your weight to the ‘benchmarked’ healthy optimum, check your heart, check your blood, vision, hearing, etc. – and highlight key areas of vulnerability – possibly including up-to-date information and research from the World Health Organization.
CDCAT® is the GP and Medical Consultant of the cyber world rolled into one, with access to a huge database of know-how. It can help uncover unseen issues and security delivery problems on an ongoing basis, or help with a very detailed diagnosis using evidence-based decision making. It is aligned with the most influential agencies and standards (such as NIST, NCSC, ISO). Its capability evolves in line with the most current threats and risks to ensure you and your organization (along with your supply chain) keep ahead of the threats.
All hail the Cyber Security scientists and engineers
High praise goes to the cyber security scientists and engineers – particularly those with real-world experience and respected certifications – it is this rare breed that creates unique scientifically evidenced systems like CDCAT® – a project initiated by the Defence Science and Technology Laboratory (DSTL) and brought to market by APMG.
To find out more about CDCAT or our Cyber Portfolio please contact our Service Desk.
CDCAT® is a registered trade mark of Dstl. All rights reserved.