Vast and Urgent – the Yawning Gap in Cybersecurity
It is hard to remember, or even imagine, a topic of such importance as information technology security. If the protection of data and information systems were a health issue, then it would be a global pandemic. Information technology security lacks the drama and empathy of a flesh-and-blood crisis, but it carries – in the view of many – the same kinds of critical consequences. When a business crashes, families flounder. When an industry crashes, towns and cities wither. When election rolls are corrupted, faith in government erodes. When the electrical grid, water system, maritime transportation system, or air traffic control blinks out, daily life gets very different, in ways that could easily be catastrophic, and the economy that makes modern life possible could itself become impossible.
Those are the stakes of information technology security. As sad and relevant as fires and floods and epidemics and hurricanes and all manner of disasters might be, they are local tragedies when compared with the potential reach and impact presented by failures in the world’s networks of information and data systems. The subject might seem colder, but its impact could be just as hot.
Responsible people consider these stakes and act. That’s putting it mildly. So much action and activity is seen in information technology security today, that the dramatic increase in spending for it has been described as climbing a mountain. In fact, a Forbes article forecast that global cybersecurity spending will reach $170 billion by 2020.
With a cost like that entering the world economy – an enabling expense rather than a producing expense – you could say that the threat to our data and information systems and networks is already costing all of us a lot of money, even if we are not under attack from that threat.
The Visible Sector of Data Protection
As alarming as the amount of spending on information technology security may be, the variety of directions in which those investments are made might be disturbing, too. Such a plethora of protective measures are taken that it suggests the lack of an agreed-upon strategy in most business and in many industries. In fact, the Department of Homeland Security just defined its own strategy on May 16, 2018.
There is so much confusion about what to do that a study reported a huge number of companies, many of them industry leaders, who make insurance policies the primary component of their cyber-defense. As true as that is, it’s still almost comical. And yet it is not the only example of how most approaches are reactive. A program is activated when the attack, virus, malware, or corrupting file arrives.
Counter-attack is the second step in defense, not the first. Still, much information technology security is based on it, rather than on prevention.
The confidentiality, integrity, and availability of our data and information systems and networks have been staked on programming, software, and other measures that protect the virtual world of information technology security. But what about the physical world?
The physical fact is that some of the most impactful cyber-attacks yet known were enacted by inserting an actual carrier device into the ports or connectors of the targeted data network. The successful attacks that were made this way include a devastating delay to the Iran nuclear program, and the infiltration of “beacon” programs into a network that linked the U.S. Defense Department, State Department, and some U.S. intelligence agencies, enabling Russian operatives to monitor communications.
The Need for Improved Information Technology Security
Yes, a simple flash drive was behind each of these attacks. Research in the U.S. and abroad has demonstrated repeatedly that even the best-trained associates will pick up a stray memory stick and plug it into a port at work, and they’ll do it within minutes. With the viruses and malware so prevalent on the Web, imagine associates plugging their smartphones into a USB port at work just to charge it. To revisit the earlier health analogy, this is the information technology security equivalent of smooching a subway handrail.To help organizations bolster their information technology security, The Connectivity Center offers dozens of devices that overcome the threat of attacks or infections, including an evolving array of USB port blockers, network port locks, and fiber optic port locks. The Smart Keeper series offers port blocking with the additional feature of serialized keys. With Smart Keeper, you can make sure that access goes only to those persons with “need to know” and “need to use” authority within your organization, without the expense and complication of Network Access Controls. Users report, too, that the presence of a Smart Keeper port blocker effectively reminds those authorized users of the importance of that access, and their own responsibility for not running the risk of attaching an unknown or personal device there.
Information technology security can be strengthened still by the cables that connect computers in your network through the use of Link Lock connecters and the Link Lock Hub, the latter of which not only serves as a secure USB hub for your attached USB device, but also locks your devices so that they cannot be removed without authorized access. The product portfolio and the programs we offer include many other options to suit your system, your goals, and your threat profile. Our history and heritage of quality, value, variety, and versatility are the best assurance you can bring to the present moment, to improve your information security technology in this data-rich world.