Tuesday, May 3, 2011

The Cyber Security Conundrum


Ever wonder why cyber security is so hard?
Ever wonder why we deserve more money, resources, etc.?

The graphic above (borrowed) is a simple representation of why defending a network is so much more difficult than penetrating it. Yea I said it, (rebuttals are welcome)! Above we graphically demonstrate the massive landscape within cyber security. The volume of things we support, run, maintain and analyze within a cyber security program on a daily basis is extraordinary. As the capability stack continues to grow (i.e. Data Loss Prevention, Phishing Excercises, <enter new buzzword here>) we must also continue to maintain the cutting edge technology of previous days with a finite set of resources. Meanwhile, an adversary just needs one exploit or an oblivious user to jeopardize the Confidentiality, Availability, or Integrity of the entire operation.        

So when you feel like the chips are stacked against you, they are. So don't dwell and keep fighting!

1 comment:

  1. Good point! Yep odds sure aren't in CND's favor. Once we can accept this as defenders, we can move past it finding ways to perhaps make the odds more balanced.

    ReplyDelete