Skip Navigation
20 Sep 2022 • 4 min read

Security - The Myth of Secure: Achieving Security, Not False Assurances

It’s no surprise that many people today place a high priority on security. In light of the increasing number of data breaches and cyberattacks, it’s no wonder so many people worry about protecting their information. As it turns out, there are still some misconceptions about what “secure” really means. Despite the obvious need for improved security, many people still don’t understand what it takes to achieve true safety, leaving them vulnerable to malicious activity.

The word “secure” is often used figuratively as if it were something that could be obtained and held onto forever. In reality, secure is a verb, not a noun. Despite the fact that you can secure something, it cannot be considered “secure”. For example, an organization might invest in the latest firewall technology and encrypt their data, making their systems “secure” for the moment. However, if they do not monitor for threats and update their systems with the latest security patches, their data is not truly secure. I believe it is an extremely important distinction to understand even though it may seem like splitting hairs.

As the famous American author, lecturer, and political activist Helen Keller once said: “Security is mostly superstition. It does not exist in nature.”

In order to protect something from harm or theft, protective measures must be taken. It is imperative to stop thinking of security as a done deal. Our approach needs to change from being reactive to continuous risk assessment and mitigation. This will help to ensure that our systems remain resilient in the face of emerging threats. Security must be viewed as a continuous process, as threats continuously evolve. As we assess risks, we should develop strategies to mitigate them, rather than rely on outdated security measures. By doing so, we can ensure that our systems remain safe and secure from threats.

In the same way that a train gathers speed as it moves down the track, computer crime increases as technology advances. Without adequate cyber security measures, a successful cyberattack could cause catastrophic damage. Colonial Pipeline, for example, was forced to close its operations as a result of a recent ransomware attack. Consequently, there were shortages of products and fuel prices skyrocketed throughout the United States. Moreover, cybercrime has increased 300% since March 2020, with more than 4.7 million incidents reported in the USA in 2020 (compared with 1.5 million in 2010).

As a result, we cannot become complacent when it comes to our security practices since new vulnerabilities appear every single day. We need to take into account these emerging threats in order to keep our systems up-to-date with the latest security protocols and technologies available on the market today.

No matter whether it is an individual computer or a network, you should evaluate a system’s security in terms of both its technical capabilities and its socio-technical aspects. User access control policies or even employee awareness programs are examples of how to teach users how to behave responsibly online (examples: creating strong passwords; using two-factor authentication). It might seem like a daunting task, but fortunately, tools are available that can assist in streamlining this process. For example, penetration testing tools can be used to simulate cyberattacks in order to identify potential vulnerabilities in systems before malicious actors are able to exploit them. This reduces the potential for risk exposure.

These concepts are critical for all those involved in managing any kind of system; developers should ensure they know best practices when coding applications, and IT professionals should ensure their networks are monitored for suspicious activity - internally (by employees) as well as externally (by malicious actors). Furthermore, organizations that manage sensitive data (such as financial institutions and healthcare providers) need to develop processes that enable them to detect intrusions quickly so that they can take action quickly before damage occurs. Otherwise, they may face hefty fines from regulatory agencies if they do not comply with GDPR/HIPAA/etc regulations that are set up by government agencies like the FTC/FDA. For example, Equifax was required to pay up to $700 million in fines and monetary relief to consumers over a 2017 data breach that affected nearly 150 million people.

As we discuss ‘security’, we need to remember that it’s not static. It’s constantly evolving as technology advances, as well as social factors such as user behavior and culture change. In order to remain ahead of those trying to exploit them digitally, companies need to adjust their approaches accordingly. Ultimately, security should always be viewed as a verb rather than a noun – because only then will organizations realize the importance of taking proactive measures to protect their data & assets against the potential risks in today’s ever-changing environment.

Latest Blog Posts

Hi, my name is Dillon Baird, and I’m a progress bar-aholic. There, I said it. It feels good to get that off my chest. It’s a problem, I know. But like any true addiction, I can’t help myself. Those little bars, those tiny digital beacons of hope, they’re my kryptonite. “I’m a progress bar enthusiast, a connoisseur of digital waiting.” - Dillon

June 15, 2024 • 5 min read

Ever had one of those days where nothing seems to go right? You’re trying to make your website perfect, but instead, it’s like the universe is playing a cruel joke on you. That was me recently, tangled in a web (pun intended) of frustrations while trying to set up a custom 404 error page for my website. Hosted with Docker and NGINX, my site stubbornly displayed the default NGINX ‘Page Not Found’ message instead of my sleek, custom 404 page. After countless failed attempts to fix it, I decided to call in reinforcements—Cloudflare Workers. If you’re nodding your head in sympathy, keep reading. This post is for you.

June 2, 2024 • 6 min read

Large language models (LLMs) are powerful tools, but running them on your own can be a challenge. Ollama simplifies this process, allowing you to run these advanced models directly on your local machine, without the need for expensive cloud services or specialized hardware. With Ollama, you gain complete control over your AI tools. Customize them to your specific needs and experiment freely without worrying about high costs. Plus, you can break free from reliance on cloud providers.

May 11, 2024 • 16 min read

Join My Newsletter
Stay in the loop with all of my latest content.
Subscribe to Feed
Still using an old-school RSS reader like me?
No comments yet!

GitHub-flavored Markdown & a sane subset of HTML is supported.