Cybersecurity Rules of Thumb

The truth is that in today’s hyperconnected world, maturity-based cybersecurity programs are no longer adequate for combatting cyberrisks. A more strategic, risk-based approach is imperative for effective and efficient risk management (Exhibit 2).

1. How something appears to you may not be how it is.


2. What is said or shown may not be all there is.


3. What is true for me may not be true for you.


4. The same words may mean different things to different people.


5. What people say may not be what they mean. Because comms is lossy and language is me

The answer, I believe, lies in fostering a strong cybersecurity culture within organisations. It’s not enough to simply implement technical solutions and hope for the best; we must fundamentally change the way we think about and approach cybersecurity. This means embedding security into every aspect of an organisation’s operations, from the boardro

Mostly, they seek out vulnerabilities, detect attacks, and eliminate compromises. Of course, the size of the attack surface and the sheer volume of vulnerabilities, attacks, and compromises means organizations must make tough choices; not everything gets fixed, stopped, recovered, and so forth. There will need to be some form of acceptable (tolerab

Let's keep in mind the words of Deputy Chairman Victor Zhora: "Resilience stems first from basic cyber hygiene." By prioritizing cybersecurity, planning for crises, and creatively reducing risk, we can build a more resilient future.