Cyberwar. Cyber-weapons. Cyber super-power. Cyber-attacks.
The entire cyber jargon is tainted in camo colors, making it to look like a bloody battlefield. As with many other things, this too is to blamed on popular films and TV shows from that horrible decade, the 80’s, which created such a powerful image of the hacker playing with sensitive computer networks and nearly causing a nuclear war between the US and the USSR that it remains with us to this day. (Funny enough, the military cyber capabilities of the time were way below what was depicted in popular media). And today, it is clear that military forces worldwide have embraced the digital battlefield, with most nations now possessing some manner of cyber weapons. But, as true as this may be, the fact that military terminology has all but engulfed the cybersecurity lingo is detrimental to the very success of cybersecurity efforts in non-military organizations.
Why?
Because language creates perception and reality. When decision-makers are presented with estimations regarding the capabilities of their organization (which could be a retailer, pharma, or education institute) to defend (a military word) itself against attackers (another) and their weapons (oops), they automatically rewind the film in their heads to that 80’s film and think “Cyberwar.” This can have three negative effects on an executive’s decision-making process.
Free eBook: Modern Retail Security Risk – Get your copy now.
First – While there are military actors in the cyberspace, the overwhelming majority of harmful activities are conducted by criminals and hacktivists. Thinking about a military adversary is almost always looking at the worst case scenario, and as such, usually leads to paralysis. How can we defend against the Chinese/Russians/Americans?
Second – The majority of tools (not weapons) are not military grade but are developed and sold by commercial entities operating in the grey area between legitimate software (and even infosec) companies and cybercrime. These tools are not Stuxnet-grade secret weapons that no one knows about or can protect against. In fact, they are usually re-used malware which for the better part, have been known for years.
To read the remainder of this post, please view the original article published on Cytegic’s blog here.
About Cytegic
Cy-te-gic /pronounced: sʌɪ-ˈtē-jik/ adjective: A plan of action or strategy designed to achieve a long-term and overall successful Cyber Security Posture Optimization – “That firm made a wise Cytegic decision”.
Cytegic develops a full suite of cyber management and decision-support products that enable to monitor, measure and manage organizational cyber-security resources.
Cytegic helps organization to identify threat trends, assess organizational readiness, and optimize resource allocation to mitigate risk for business assets.
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.