That are apparently not random at all!
While security is not a random matter, I found these three random thoughts to be interesting, but without an obvious connecting thread. Except for the common theme of security. So take your pick. Get a small dose of security and inoculate against the real disease. Oh yes. Read all three and discover how they’re not so random after all.
Random Thought Number 1
How to Improve Cybersecurity? Just Eliminate the Human Factor
By CHRISTOPHER MIMS, WSJ
Jan. 18, 2016 9:00 a.m. ET
“The computer systems that run our world—the ones that secure our financial information, protect our privacy and even keep our power grid running—all have a critical, unpatchable weakness. It’s the humans who use them.
“History has shown us we aren’t going to win this war by changing human behavior. But maybe we can build systems that are so locked down that humans lose the ability to make dumb mistakes. Until we gain the ability to upgrade the human brain, it’s the only way.”
[Editorial comment – I trust you didn’t miss the second line of the title. “Just eliminate the human factor.” Really?! Yes, that’s a great solution. Offered by the WSJ. Honestly speaking? It makes me very uncomfortable. Being human!]
Random Thought Number 2
Security Explained, for Non-security Minded People
[Isn’t that a promising title? And the writer did simplify. He started with the cloud as a major point of concern (read “deep, loss-of-sleep type anxiety”). Ok, then. Cloud is out there out of sight and so we all are a bit concerned to know whether it is secure. Good start!
[Then he introduced a new term. “Endpoint Security.” And went on to define that as “the security service that is installed on “endpoints” like servers, desktops, laptops, and mobile devices like tablets and phones.” So far so good. I’m tracking.
[The solutions for endpoint security come in two flavors. There’s antivirus protection and malware protection. Antivirus keeps out the lethally destructive computer viruses that have plagued endpoint devices almost from the beginning. Malware has to do with software that pretends to be good but is bad. Soft-ware, good. Mal-ware, bad.
[The final security concept has to do with the users of those endpoints, with their email and web browsing security. Email are carriers for viruses and malware. And more recently a visit to a website has become potentially corrupting. So the need for protection.
[“According to a report from the United States Computer Readiness Emergency Team (CERT), many malicious software exploits target productivity applications and Internet browsers. Malicious code is also embedded in websites, sometimes unbeknownst to the owner.”
[You can see the need for security protection from email and from websites.]
Random Thought Number 3
“Let me start off by saying my expertise in security is relative. In many circles, I am considered an expert, but I surround myself with a number of Security Engineers, and I quickly default to listen and learn mode. I had very little IT experience when I was hired by Ingram Micro Cloud in 2008 so the “listen and learn” technique is something I have mastered over a successful sales career where I have sold many security solutions.”
[This quote was a part of the above referenced article, but I found it compelling as a wise generalization whether speaking of security or any field of work. Which is why I did the strikeouts in the quote to illustrate the breadth of what was being said.
[What was being said? The “listen and learn” technique can be used effectively to make one either an expert or at least an experienced and valuable team player.
[Hey! There’s the theme… if we as humans would all employ the “listen and learn” technique we wouldn’t present ourselves as such a risky factor to be eliminated. Eliminate your own security weaknesses and strengthen the security of the place where you work! You know that’s golden because it’s something money can’t buy.]