Cybersecurity — Ensuring Safe and Secure Networks for All.
The past few years the tech war with China has been a top foreign policy issue amongst all G20 Nations. With the controversies behind the unsafe and insecure networks of Huawei, two things are at risk: security and sovereignty.
It has taken me some time to better grasp, understand the nodes of cybersecurity. With limited know how and soft immersion to electrical engineering in Telco, my bridge to tech has primarily stemmed from innovation, tech start ups and digitized public services. However, on a very exciting project, I’ve had the opportunity to better assess and evaluate the risks that cybersecurity may pose for nations. These risks could be said to be posed for multinational corporations, SMEs, and users of technology as well.
What is Cybersecurity?
There are many definitions to Cybersecurity.
According to the ITU, cybersecurity is (2010):
“Cybersecurity is the collection of tools, policies, security concepts, security safeguards, guidelines, risk management approaches, actions, training, best practices, assurance and technologies that can be used to protect the cyber environment and organization and user’s assets.”
It can also be suggested that cyber environment could be tied directly to the operations and data of Technology and Communications of an organization.
Another supporting definition from ITU that captures the risk mitigation of cybersecurity is:
“ Cybersecurity strives to ensure the attainment and maintenance of the security properties of the organization and user’s assets against relevant security risks in the cyber environment.”
- Password Theft
- Traffic Interception
- Phishing Attacks
- Loss of Data
- Security Breaches (Hackers)
- Deployment of intrusion detection systems
- Restriction of access
In national systems, these risks have to be mitigated and closely monitored. They can also occur in corporations, SMEs, and even for personal or lay users of technology.
According to UpGuard, cybersecurity risks can be mitigated in an organization through deploying the following types of cyber defence activities:
- Assessing and Building Cybersecurity Risk Management (Plan)
- Investing, Training a Chief Information Security Officer (CISO) within the organization
These can lead to the following positive goals for cyber hygiene such as :
- Administering security procedures, conducting training, and testing
- Maintaining secure device configurations, installing up-to-date software
- Building intrusion detect systems
- Configurating secure networks and protection of business networks
- Encrypting data where necessary (choosing what data needs to be encrypted prior to)
- Proper configuration of cloud services
Cybersecurity is agile and a continuum…
Once your Chief Information Officer (CISO) is established in an organization, your cyber risks will not entirely go away. Your organization will be better positioned to, but according to UpGuard, “cybersecurity risk management is a long process and it’s an ongoing one.”
Cybersecurity in order to be properly mitigated requires all hands on deck. From a management perspective, it could be suggested that it requires the involvement of all departments and employees for it to be viable.
Can Cybersecurity be an opportunity for Change Management/Innovation in an organization?
Certainly. When a new behavior or innovation is introduced in an organization, it inherently tied to change management. So if you’re a company, organization, or public official wanting to reach higher capability in cybersecurity, see this opportunity of repositioning your cyber hygiene as an opportunity for change management or innovation. Safe and secure networks allow teams to perform better, and most importantly it is a major value add for your customers, or constituents. Ensuring safety is tied to comparative advantage.
For Latin American Nations and Governments seeking to develop their State Capability in Cybersecurity, kindly see below for an excellent program with the Organization of American States (OAS).