From Security to Cybersecurity
Now, I want to share this REALSEC CEO post which analyzes the development of security concept towards cybersecurity, in line with the digital society in which we are immersed. Very interesting!
We live in a changing, dynamic, and connected world in which the evolutionary pace of man, marked by multiple technological advances of recent years, has managed to mitigate many of the physical risks and threats from the past. But at the same time, it has brought new forms of risk, new threats of which we must protect ourselves from.
From the earliest times to the present day, man has felt the need to know, trade and communicate. In order to achieve this, he has built and used ways and paths that enabled its fulfillment. Paths full of opportunities but also full of dangers and threats that needed to be skillfully handled and solved.
If we went back to the Middle Ages, we would see how the Templars, custodian Lords of Holy Places, protected pilgrims travelling to the Holy Land from highwaymen and thieves. They devised a financial system by which pilgrims could deposit the money for the trip in the first Templar establishment of the road and dispose of the money they would need for the journey in the successive establishments and Templar commands.
Personal, financial, business and national security.
A financial system, based on the delivery of secret keys given to depositors (similar to the ones used by our cryptographic systems), keys which allowed them to control funds available from the deposits of each pilgrim, creating thereby the first credit-debit letter, previous to our current credit-debit cards.
Today, we live in a global and connected world in which Internet is used to communicate, learn and trade. This new digital way, as in other times, is just as unsafe and whoever surfs the Net (cybernauts), is exposed to the same dangers, attacks, thefts and extortions as our ancestors.
The security concept, as we had understood it 15 years ago, has mutated and has gone beyond the physical area and has become a digital Leviathan as well, which in a stealthy way, has hidden behind an IP address able to convert us without realizing, in a crime scapegoat and may even untruthfully turn us into a suspected criminal.
Nobody and absolutely nobody, is safe from the digital attractive and solicitous beast behind which gangs of criminals conceal, perfectly well organized and have the economic capacity to extort money. In this situation, neither people nor companies or States are safe from the risks and threats of these new Internet attackers where people, companies and Governments from all over the world surf every day.
In the year 2000, Internet madness managed to tell companies and Governments to prevent such risks and threats by protecting themselves through Firewalls, IPs, Antivirus, Anti Spam, etc. compulsively.
In the period 2002-2003, coinciding with the technological bubble, we realized that Internet security management could not be based only on implementing mechanisms and measures, but was necessary to analyze the risks and know the possible impact on business assets, estimate the probability of threats occurrence and depending on the outcome, establish policies, procedures and more appropriate measures to prevent risks.
In conclusion, to undertake Security Plans based on risks analysis and move towards an efficient model of security management.
However, time has enabled us to realize that the aforementioned is not enough if we take into account the current scenario and risk factors. Hackers who used to be isolated elements in former times, have evolved into gangs and apply enormous resources and technological means to attack critical infrastructures of companies, Banks and Governments, endangering both the technological heritage and National Security.
Likewise, we have found out that the Intelligence Services of many countries use the network to spy over the net to enemy countries, steal important information and even attack them. In contrast, this also occurs between allied countries.
As a result of the aforementioned, static security infrastructures, as we have understood it along this time, have become insufficient to tackle the problem.
Today, we cannot just speak about Security, but of a much broader concept instead: Cybersecurity.
But, how is Cybersecurity affecting the banking and the financial world in general? And what is the current level of exposure of financial institutions and ours as customers
I will discuss this issue in my next post.