10 factors that contribute to 'cyber insecurity'
People can have profoundly different mental models of the cyber domain based on their experiences.
To some extent we are all shaped by the breadth and depth of our experiences in the cyber domain. These experiences are what shapes our mental models and drives our actions. The development of our mental models is influenced by related events we are exposed to whether directly or indirectly. These mental models have somewhat culminated around a set of key areas. An interesting question came up last week – based on the last decade of experience -- what would be the top 10 areas that contribute the most to cyber insecurity?
After careful consideration below is my list. (These are not in any specific order. )
--Egos and attitudes of users and security staff.
--Perception of immunity of software suppliers.
--Limited funding for cybersecurity programs.
--Failure to integrate cyber and physical security.
--Inability to keep up with malware production.
--Lack of global cooperation on cyber investigations.
--Global black market for zero-day threats.
--Overlapping, contradicting and confusing regulations.
.--Lack of cyber threat understanding by executives.
--Assignment of responsibility without authority.
Those who have different opinions and attitudes are coming from a different perspective. The warnings about the threats posed by cyberattacks from cleared security professionals are often harsher and express more concerns than those who are not experiencing the brunt or most advanced that cyber attackers have to offer. Based on my perception, the national security implication of these cyberattacks is huge and continues to get worse. The public and private-sector need to come together and address this critical issue before it is too late.