donderdag 29 augustus 2013

Ditch Cyber campaign

A few weeks ago I started my #ditchcyber campaign, or #wegmetcyber in Dutch. The reason for doing this is that in my opinion the word cyber is misused a lot. Right now cyber is connected to almost every event that is happening on the internet, in the cloud, in datacenters, at home and in the office. In many cases cyber, followed by another term, has a very negative meaning, if someone uses the word Cyber it's about trouble. War, crime and we need cyber security, a cyber army and cyber police to help us against these cyber threats.
And now this means that the audience only knows about cyber where it has this special negative meaning. Cyber requires special cyber forces to guard us from risk.

And what is really the case? It's about information security. It's about professionalism. It's nothing more than managing bits and bytes. But we are just too lazy to do it right, or we just spend too little money to make it secure. And then when something bad happens, a data leak, or a ddos attack, or whatever crosses your mind, then there is the big CYBER excuse.

Well excuse me, you don't hide stupidity in empty words.

I don't want to be rude, but most incidents are of our own doing, they are human errors. Nothing new. Data leakage, like Manning's, happen because of lousy access control and bad logging. Hack attempts because of lacking configuration and patch management. Ddos because of bad architecture. Priviliged account misuse because of social engineering. Identity theft because of lacking awareness. Fraud because of lacking segregation of duties, lack of governance. Foreign intelligence acting hostile? Because of our own lacking governance and our being pennywise.

Did I mention cyber? Sorry, no way. Nothing new, just the same old errors. But since we call everything Cyber, we obfuscate our own lack of responsibility and lack of accountability. Makes it so easy...

So here I am, a lonely cyber warrior, ditching cyber. Feel free to join the campaign.

And please lookup the real meaning of cyber everything on wikipedia.

#ditchcyber (@alcyonsecurity came up with this translation, thanks!)

Geen opmerkingen: