Why cybersecurity and privacy best practices are not just technical issues and one example from my own experience

Cybersecurity and privacy practices are not just technical because it becomes a lot more complex than simple technical issues. Each company has their own set of standards and regulations that they are required to follow. If the problems were simply technical then a one size fits all program may work better, but that’s not the case. One framework may be compatible on the surface for some parts of the company, however it may not meet the immediate security requirements. Though you be be able to bolt-on additional controls to aid in the missing security, that within itself can build gaps in your security a lot easier than one that is already built into the framework.  I don’t have a ton of knowledge or experience technically other than what we’ve read in class and the additional research I did to help understand the readings, but this is an example I can think of from my life. In my previous university (Mary Washington) We were getting phishing emails all the time, up until we started doing multiple step verifications did it lessen (they still get a lot). But even at the community college I went to, they had an amazing multi-step verification and I never received any phishing emails (to my recollection). Now I’m unsure if it was adding the multi-step verification that limited those phishing emails, or if they did other things as well, but that is an example from my life. 

Leave a Reply

Your email address will not be published. Required fields are marked *