Federal cybersecurity needs a paradigm shift
- By Dave McClure
- Aug 12, 2016
Insecure. Vulnerable. Victimized. Reactive.
In many ways, the current cybersecurity prevention theme focuses on security itself as an end game. This focus accentuates what constitutes bad cybersecurity and the ensuing risks to high-value business assets. But there’s a new way of thinking starting to emerge.
It is becoming obvious that in today’s cyber threat ecosystem, organizations cannot “eliminate” all security threats and vulnerabilities. Government and industry are acceding to the “assume you've been compromised” battle cry. In order to advance cybersecurity thinking, we need resilient, well-implemented cybersecurity as a business liberator.
To do so requires a paradigm shift. By putting smart, business-centric security in place that addresses critical and prioritized risk areas, executives can re-focus their energy, passion and resources to the unchartered and breakthrough performance improvements created by today’s technology options. This involves building business performance leaps using newer processes, innovative services, and greater business proficiencies (via cloud, mobile, digital, IOT, etc.).
In short, well-run cybersecurity should help move organizations forward instead of constantly holding them back. Without being naïve to the daunting and evolving cybersecurity risks, there is a strong argument to make that effective cybersecurity should give executives confidence to explore, innovate and delight customers.
That paradigm shift cannot happen, however, without some building blocks leading to greater confidence in cyber readiness and preparation. Here is what is needed:
- Boardroom-level discussions around high-priority cyber risks that pose the greatest peril to business/mission services delivery.
- Confidence in a performance-driven cybersecurity maturity metrics addressing key risk areas, so that appropriate and targeted resources can be allocated to cybersecurity staffing and services.
- A discussion around the business process, workflow, supply chain and customer service delivery pain points that must be modernized, with secure technology options built in from the ground up.
Your organization's business growth requires a bold move into emerging technologies, capitalizing on new business models. Your cybersecurity team will benefit from security experts who can tailor those building blocks based on real-world experience, great customer testimonials and proven project leadership. Challenge your team to use this new perspective on security to succeed.
Dave McClure is chief strategist at Veris Group. He formerly served as Associate Administrator of the Office of Citizen Services and Innovative Technologies (OCSIT) in the General Services Administration.