Systems vs. Software

Finding an out-of-the-box software to resolve gaps in your current cyber security state appears easy. The hard part is ensuring the systems and people are in place to do the work.

Share This Post

Share on facebook
Share on linkedin
Share on twitter
Share on email

It is an old adage that we have all been told or made aware of; Success is 10% Inspiration and 90% Perspiration. Cyber defense is no exception.

Some of the largest cyber hacks in history, like Equifax and Capital One were not due to product failures. They were because of operational failures. The “perspiration” part of the adage above.

In order to build good technology tool sets, implement the right policies, train users and find skilled and available talent requires hard work and a plan to be successful. In the world of cyber security, the success of today could very quickly be the breach of tomorrow. And unlike disaster recovery or other significant governance initiatives, the work is constant versus scheduled.

The term we recommend using in all cyber defense is “system” versus “software”.  As your organization considers software technology, think of the whole systemStart with how it will be administered, reviewed, reported-on and improved versus what is the best tool for the job.

Finding an out-of-the-box software to resolve gaps in your current cyber security state appears easy. The hard part is ensuring the systems and people are in place to have regular and visible output and the resolution to drive changes on the input and further hardening. It is of the utmost importance that you are not relying on software alone. 

 A prime example is modern endpoint protection software, which provides advanced protection for laptops, desktops and cell phones connected to the environment.  When piloting the software, first focus on the output received and the alerting and reacting that will be required. Ensure skilled people are measured on regularly tuning the software and engaging with the business to ensure the policies match business requirements.  The important message is to commit to the work and perspiration associated with post-install to a much larger degree than the implementation itself.

Security maintenance and hardening is difficult and thankless, but it is the most important part of the cyber security story and the successes you never hear about.

Insights From a Female Network Engineer

I realized that being a woman was actually a strength rather than a weakness. I feel it has allowed me to bring a unique perspective and way of thinking to networking problems and to the culture of our team.

Read More »

The Importance of Technical Documentation

What do you think of when you hear technical documentation? Are you thinking of manuals? How-to guides? Endless papers of technical blueprints? Technical documentation is much more than this—it is about helping customers and engineers effectively and efficiently solve issues that come up.

Read More »

How to Reduce Risk After Sensitive Data is Leaked

The constant onslaught of data breaches is so exhausting that the term “breach fatigue” has emerged in recent years to describe the public’s growing sense of burnout. While the problem of data breaches can seem overwhelming, the good news is that there are steps every organization can take to reduce risk to their communities, even after a breach.

Read More »

Systems vs. Software

Finding an out-of-the-box software to resolve gaps in your current cyber security state appears easy. The hard part is ensuring the systems and people are in place to do the work.

Read More »