Security is broken, backwards, and upside down

After numerous articles, comments, and post-incident analysis of the various cyber attacks cluttering our media headlines and social feeds, it doesn’t take one too long to conclude that our existing security methodology is broken, backwards, and upside down.

I’m a firm believer that, for far too long, we’ve put our focus on protecting our network perimeter, with thoughts of trying to keep “the bad guys” from getting in, rather than focusing on the security of our people and our data, and keeping the sensitive information from getting out. Broken? Backwards? Upside down? Your call, but fixing this is a major paradigm shift in thinking and organization culture.

So, you ask, how do we fix it?

Let me outline the top 3 most important steps to paving the way for a security model repair.

  1. Elevate the cyber discussions to board level. The financial, operational, legal, regulatory, reputational and, therefore, strategic risks around cyber threats are game changers for credit unions, their leaders, their employees, their members, and all their other stakeholders. Executives and boards must be in active discussion and seeking the proper security awareness and education.
continue reading »