I recently had this controversial opinion that could get me in a lot of troubles. I mean a strong cybersecurity strategy (be it national or organizational) should remove as much of a burden of cybersecurity from employees, citizens, you name it. Think about it, have you ever had an awareness month from military, polices forces (who are to keep you safe and deter criminals) or had much of a responsibility to secure yourself, your homeland, physical assets in the physical world? I don't think much of us had, coz these guys do their job and they do it properly and thoroughly. I mean why do we expect non-tech savvy employees or citizens (mostly senior citizens) to be safe online if we are not doing a proper job securing the ins and outs of the cyber world.
Let's take an example, why is it easy to scam someone on the telephone and steal their money by impersonating an official authority, why are we not monitoring this? Why there are not effective controls to prevent this from happening? Why do we blame a non-tech savvy employee for opening a legitimately sound email when it passes all the security controls but no cybersecurity employees were there to check it before passing it to the receiver? I can keep on forever with this.
I dream of a cyber world where a responsibility of protecting people in the cyberspace is the responsibility of the government, cybersecurity sector and tech companies. Coz let's face it, whatever we are doing now with cybersecurity awareness and trainings is not actually good enough for the majority of people accessing the cyber world.
Student at Kent State University
6yLol!! threat comes in all form. In cyber security, an employee could be used as a channel to circumvent security measures ( I know! like the guys here on the look out. It is dreadful to have an insider bring in an infected device and plug it into the system and pull down into an inferno of ransomware attacks). Unless you have a solution that's not a firewall. I can’t imagine a firewall deterring this behavior. May be something that encrypt disk from within the environment and at the same time perform a kind of threats emulation from within the environment at the endpoints. And even better if such features can be integrated into the gateways so that every paquet or files coming through the door goes through the emulation process that dismantle packets, files and forward only clean copies to the user and keeps macros for further emulation until final verdict to release the macros as well to user who continues to work with the first clean copy of the file. If such solution exist I think this guy here would not scare the hell out of the devoted guardians :). Does such solution exist if not lets make one?