20 Sep 2022 • 4 min read

Security - The Myth of Secure: Achieving Security, Not False Assurances

It’s no surprise that many people today place a high priority on security. In light of the increasing number of data breaches and cyberattacks, it’s no wonder so many people worry about protecting their information. As it turns out, there are still some misconceptions about what “secure” really means. Despite the obvious need for improved security, many people still don’t understand what it takes to achieve true safety, leaving them vulnerable to malicious activity.

The word “secure” is often used figuratively as if it were something that could be obtained and held onto forever. In reality, secure is a verb, not a noun. Despite the fact that you can secure something, it cannot be considered “secure”. For example, an organization might invest in the latest firewall technology and encrypt their data, making their systems “secure” for the moment. However, if they do not monitor for threats and update their systems with the latest security patches, their data is not truly secure. I believe it is an extremely important distinction to understand even though it may seem like splitting hairs.

As the famous American author, lecturer, and political activist Helen Keller once said: “Security is mostly superstition. It does not exist in nature.”

In order to protect something from harm or theft, protective measures must be taken. It is imperative to stop thinking of security as a done deal. Our approach needs to change from being reactive to continuous risk assessment and mitigation. This will help to ensure that our systems remain resilient in the face of emerging threats. Security must be viewed as a continuous process, as threats continuously evolve. As we assess risks, we should develop strategies to mitigate them, rather than rely on outdated security measures. By doing so, we can ensure that our systems remain safe and secure from threats.

In the same way that a train gathers speed as it moves down the track, computer crime increases as technology advances. Without adequate cyber security measures, a successful cyberattack could cause catastrophic damage. Colonial Pipeline, for example, was forced to close its operations as a result of a recent ransomware attack. Consequently, there were shortages of products and fuel prices skyrocketed throughout the United States. Moreover, cybercrime has increased 300% since March 2020, with more than 4.7 million incidents reported in the USA in 2020 (compared with 1.5 million in 2010).

As a result, we cannot become complacent when it comes to our security practices since new vulnerabilities appear every single day. We need to take into account these emerging threats in order to keep our systems up-to-date with the latest security protocols and technologies available on the market today.

Whether it is an individual computer or a network, you should evaluate a system’s security in terms of both its technical capabilities and its socio-technical aspects. User access control policies and employee awareness programs are examples of ways to teach users to behave responsibly online (for example, by creating strong passwords and using two-factor authentication). It might seem like a daunting task, but fortunately, tools are available that can help streamline this process. For example, penetration testing tools can be used to simulate cyberattacks in order to identify potential vulnerabilities in systems before malicious actors are able to exploit them. This reduces risk exposure.

These concepts are critical for all those involved in managing any kind of system: developers should ensure they know best practices when coding applications, and IT professionals should ensure their networks are monitored for suspicious activity, both internal (by employees) and external (by malicious actors). Furthermore, organizations that manage sensitive data (such as financial institutions and healthcare providers) need to develop processes that enable them to detect intrusions quickly so that they can act before damage occurs. If they do not comply with GDPR/HIPAA/etc. regulations that are set up by government agencies like the FTC/FDA, they may face hefty fines from regulatory agencies. For example, Equifax was required to pay up to $700 million in fines and monetary relief to consumers over a 2017 data breach that affected nearly 150 million people.

As we discuss ‘security’, we need to remember that it’s not static. It’s constantly evolving as technology advances and as social factors such as user behavior and culture change. In order to remain ahead of those trying to exploit them digitally, companies need to adjust their approaches accordingly. Ultimately, security should always be viewed as a verb rather than a noun, because only then will organizations realize the importance of taking proactive measures to protect their data and assets against the potential risks in today’s ever-changing environment.
