Our website uses cookies to give you the most optimal experience online by: measuring our audience, understanding how our webpages are viewed and improving consequently the way our website works, providing you with relevant and personalized marketing content.
You have full control over what you want to activate. You can accept the cookies by clicking on the “Accept all cookies” button or customize your choices by selecting the cookies you want to activate. You can also decline all non-necessary cookies by clicking on the “Decline all cookies” button. Please find more information on our use of cookies and how to withdraw at any time your consent on our privacy policy.

Managing your cookies

Our website uses cookies. You have full control over what you want to activate. You can accept the cookies by clicking on the “Accept all cookies” button or customize your choices by selecting the cookies you want to activate. You can also decline all non-necessary cookies by clicking on the “Decline all cookies” button.

Necessary cookies

These are essential for the user navigation and allow to give access to certain functionalities such as secured zones accesses. Without these cookies, it won’t be possible to provide the service.
Matomo on premise

Marketing cookies

These cookies are used to deliver advertisements more relevant for you, limit the number of times you see an advertisement; help measure the effectiveness of the advertising campaign; and understand people’s behavior after they view an advertisement.
Adobe Privacy policy | Marketo Privacy Policy | MRP Privacy Policy | AccountInsight Privacy Policy | Triblio Privacy Policy

Social media cookies

These cookies are used to measure the effectiveness of social media campaigns.
LinkedIn Policy

Our website uses cookies to give you the most optimal experience online by: measuring our audience, understanding how our webpages are viewed and improving consequently the way our website works, providing you with relevant and personalized marketing content. You can also decline all non-necessary cookies by clicking on the “Decline all cookies” button. Please find more information on our use of cookies and how to withdraw at any time your consent on our privacy policy.

Skip to main content

Be cyber aware

In one of my favorite movies, Mivtza Savta ("Operation Grandma"), the hero is asked how he became so successful, and the answer amazed me. "I wake up in the morning, immediately start running as fast as I can and then slowly pick up the pace ..." After more than 20+ years in the cybersecurity industry, I know this is the only route we have as cybersecurity professionals.

Through the last years I have been in the security industry, I have seen many changes. I saw the rise (and fall) of cyber empires, new and old ideas. I watched the birth of new attacks and new mitigations; and how both sides are so invested in reinventing the world, day in, day out.

The cybersecurity industry is innovative; it is learning and it has a pace like no other. We are living in an era that is multiplying itself. Everything is accessible. And guess what: The pace is not going to slow down.

Most industries are taking ideas and making them reality today — at the latest tomorrow. What about the security industry? We are fighting today the threats of 6 months from now. You might ask, “How can this be? How can we even identify what is going to happen in 6 months?” The answer is simple: We can’t, but the hackers using these vulnerabilities and attacking us don't care about this. They are identifying today the vulnerabilities they will use in the next attack which will take place in 6 months.

This means that we need to change our mindset. We can (and many cases do) manage the threat when it is an idea and not an incident. Achieving this is not as easy as I might make it sound. Achieving this requires us to have a cyber-aware mindset. It requires our partners, all of them, to be on the same page as us.

Our partners are the IT department, procurement, business leaders, and mainly our C-level management. They all need to pitch in. It is not the lone struggle of the CISO wandering the wilderness of cyberattacks while others are sleeping tightly in their beds. It requires every one of the partners to push this effort forward.

The role of leader can’t be given to you; you need to own it. You have to earn it. It's not just a charisma or a nomination — it is the way every fiber in your body responds. Now is time that we all take the leadership position in regard to cyber-aware mode. It is time to understand how we can make a difference.

CISO and security professionals: Listen to your partners and understand the business need. Don't jump directly to the well-known, "No, this can't be done" solution. Get to know your peers and teach them. Don't think that they know what you know.

IT professionals: Look beyond how to make the machine/application work better (removing the security controls is not the only solution). Make yourself aware of the right way to do things. Be aware of the threats and vulnerabilities, and above all, how to avoid them. Stop considering the security professional walking in front of you in the hallway as your enemy or as another burden you have to suffer. Understand that this is a key partner in the organization’s overall success.

To be cyber aware means to assume responsibility, to embrace the challenges and understand them. It is about taking the steps you are required to take when you need to do so and not to leave it to the others.

Procurement department: Please understand that you have a major role in what's coming into the company — including and most of all new technology and shadow IT.

Users: This is your workplace. This is an environment that might be critical for your family, your country, and even more for your wellbeing. You don't need a well-drafted acceptable use policy (AUP) document to know that clicking on an unknown link might take you to a strange and risky situation. Inserting a USB drive you got in a conference or found on the floor is the equivalent of playing Russian roulette with a pistol full of bullets.

To be cyber aware means to assume responsibility; to embrace the challenges and understand them. It is about taking the steps you are required to take when you need to do so, and not to leave it to the others. Being cyber aware requires you to be at the forefront of progress and technological evolution because if we are honest, what other options do we have?

#cyberlion #cyberaware

Share this blog article