An Uncomfortable Change: Shifting Perceptions to Establish Pragmatic Cyber Security
The challenges created by the lack of conventionally conceptualized borders in Cyberspace are increasing in scale and form. This position paper evaluates the myriad reasons for this situation, from the absence of cyber security standards, through an industry that values training over education for short-term gains and so produces a workforce that is de-skilled in the long term, to a solutions space that has an excessive focus on technological control. This demands a change in approach to cyber security to meet increasingly intelligent and diverse threats. As a specialist field, cyber security requires a collective, proactive approach incorporating technology, government support, policy and education. Indeed, it is possible that a reversal of currently accepted perceptions, where organizations manage their security in isolation, will result in a paradigm shift. This will demand acceptance of a shift in power and influence as nation states, crime and hacktivist groups with high levels of motivation attempt to control and exploit Cyberspace.
Keywords: Cyber security, cyberspace, security standards, education