Perfect Cybersecurity Makes No Business Sense


We’re going through a shift in thinking in cybersecurity. In the old days, we thought one solid line of defense was enough — keep the bad guys out and life would be good. Then we found out that bad guys are wily and would find different ways in. The result was security sprawl: so many technologies, so many ways to defend, but no way to do it all, no way to hire enough experts in all these different techniques. Every organization I meet has 20 technologies they have decided are essential to their security but enough skilled staff to operate maybe five of them the way their designers intended. There’s a lot of making do and a lot of running to stand still going on. It’s not that we lack knowledge about what to do to deliver security — we

... read more at: