Cyber Security Matters

All of your cyber security team’s work adds up to something.

The sum total that at times can be a blurry hodgepodge of mostly outdated policies, misrouted tickets, conference attendance, arguments about why your team is right, time spent reading about complex compliance frameworks, some threat hunting, a fair amount of frustration, with a splash of seemingly growing amount of work completely unrelated to security,

Or, it can add up to securing your organization’s infrastructure and its data.

The difference?

One is a collection of activities that feels like security.

The other, a purposeful coordination of connected activities directed towards some measurable sets of goals that help to secure your organization.

If an organization doesn’t know what security is or where they are along he path to the goal, then the former is likely more true than the latter.

Adversaries aren’t concerned about “level of activity”.

Their concern is with the ease with which they can do their work or are deterred.

That’s the outcome of the activity, your level of security, that matters.