Recently I read an article, I read a lot of them during the course of the day and this one caught my interest because it is focused on both cybersecurity and Star Trek. The article is well put together and really does look at how something so basic and earth changing can turn into something so misunderstood and problematic.
Like any technology the internet has its seedier side, but it is not until you start to dissect the system that you notice the flaws, especially the problems that have only started to appear in the last 12 months to two years. In the article the star trek transporter is used as an allegory and following the global acceptance and the normal progression of the system you can see a very real problem that can arise from such a system.
The transporter is originally feared by the public, (accidents, miss direction, bad coordinates) becomes accepted, enters the main stream conscienceness as a tool with substantial benefits and finally becomes something to fear as thieves and robbers pop in and out of your house and office stealing everything that is not nailed down.
Sounds familiar? by the time you get to the point where the criminal elements are using it for nefarious means the general public is now playing catch up. Worst of all the bureaucrats and governments now have to apply stringent rules and controls on the use of the transporters which do not work or only work in certain circumstances.
So Looking at cyber security, the position that the bureaucrats, governments and businesses find themselves in now is a similar conundrum. The Internet has been around since the 1990’s, we have gone through the stages of fear, the stage where it was said that it will never catch on to being used as the preferred medium of communication across the globe, to now, where it is one of the most feared problems associated with business.
The more we use it, the more it becomes integrated into everyday life and business, the more we start to see problems associated with protecting ourselves, our business and our clients. The protection of these areas has now become a business driver for most businesses, where vast amounts of money are paid to ensure that the data is safe and secure.
My preferred solution to this problem is not to use the Internet, although this is not practical.
So my second solution is to create an interlocking level of protection that has four components. Each component works on its own, works with the other three components and when combined with all of the components creates a security envelope that is easier to manage.
The four components are Technology, management, adaptability and compliance. Once combined the addition of new technology, changes to management practice, creating more flexibility in the business and new compliance regulations will have little problems being integrated into the whole security system because the framework is already in place.
Want to know more about the framework then go here. SME Security Framework