Involta Welcomes Guest Author: Jack Danahy, SVP Security 
Strategy and Chief Evangelist at Alert Logic
Security discussions get pretty confusing in modern organizations, particularly in times of rapid transformation due to cloud migration or new remote working pressures. Executives are looking for high-level updates tracking measures that they can internalize, while security and IT practitioners feel responsible for discussing the specifics of what they’re doing. This disconnect in goals and language creates multiple issues: friction in security deployment, resistance to change, and a lack of general understanding about the purpose and progress of security plans.
An effective technique to bridge these communities and their shared desire to communicate is to apply a familiar physical world analog to the work being done in security. Over the years, I’ve found healthcare to be the clearest and most helpful of these.
Getting Healthy in Cybersecurity
As we see in our current healthcare crisis, and as we’ve witnessed for years with both chronic and critical illnesses, staying healthy is a challenge for many, and it creates plenty of stress. Conflicting sources of advice, complex combinations of symptoms, and new illnesses and treatments arrive all the time. Physicians and nurses help us navigate this process because they have the focus, the experience, and the tools to advise, diagnose, and treat us appropriately.
Cybersecurity works the same way and creates the same types of stress. The threats are constantly changing, every organization is unique, and the application of security knowledge to the challenge of balanced protection and response is best delivered by experts who focus on nothing else. The first step in getting healthy is finding those providers, internally or externally, who have the experience to recognize the symptoms, and who either have, or can request, the right tools to both detect and respond to problems when they arise.
Staying Healthy in Cybersecurity
Gandhi said, “It is health that is real wealth,” and preventative medicine is a cornerstone to any successful healthcare system. Healthful behaviors, balanced diets, and awareness of potential symptoms of illnesses at their earliest stages determine whether individuals stay healthy, or whether they take the more costly road of first losing and then working to regain their health. Again, experience and advice are required, but the patient or subject needs to be open to investing their time and emotion into their health long before an actual illness develops and is discovered.
There are considerable parallels to cybersecurity. Organizations that pay attention to their security posture and awareness are much less likely to experience a major security event, and if they do, they are far better prepared to detect it and respond in an appropriate way before the damage spreads. Understanding what to look for and developing cost-effective measures both to avoid and respond to attacks, are areas where an expert will help. Leveraging experience across multiple organizations and applying years of observations and outcomes delivers recommendations that optimize both effort and investment.
Learn more about Keeping Cybersecurity Healthy
On October 22nd, I’ll be talking with Involta’s CISO, Annalea Ilg, about exactly these topics and the experiences she has had while helping Involta’s customers transform their businesses securely. There are plenty of lessons to learn, and we’ll be sharing stories of caring for our partners and patients, with recommendations that I’m sure you’ll be able to use.
To recognize National Cybersecurity Awareness Month, Involta is offering free, 30-minute Security Awareness Calls with an Alert Logic Security Specialist. If you’re looking to get healthy, you can schedule that call here.
