Driving Cybersecurity Up the Corporate Agenda

Most people know the core functions of the modern business: human resources, sales, marketing, finance, and IT all play vital roles in keeping businesses running smoothly and employees working productively. Corporate leaders have little problem focusing their attention on the needs of these departments and supporting them financially; however, there are other lesser known but equally important elements of the modern business which often go overlooked and under-resourced. Among them is one of the most important and pressing topics of today’s business agenda: cybersecurity.

The Current Intersection of Universal Design and Cybersecurity and Why It Must Expand

Many businesses develop cybersecurity programs without considering universal design. This results in programs that fail to meet the needs of the entire workforce. Even worse, inaccessible cybersecurity programs can force workers to miss out on important security tips and insights. This can lead to data breaches that damage a company’s brand reputation and bottom line. 
A clear understanding of the relationship between cybersecurity and universal design is a must, especially as more industries become common targets for cyberattack. Cybersecurity professionals can apply universal design best practices in their everyday work. In doing so, they can develop and maintain best-in-class cybersecurity programs.

OT/ICS Security Training

This article is inspired by a recent article on the Computerworld site for Denmark, where one of the CISOs for a big energy company lamented the lack of formal skills in the cybersecurity community on the security requirements for Operational Technology (OT) and Industrial Control Systems (ICS). This triggered light research from me on the options out there for relevant trainings and certifications.

It’s Time to Secure the Water Sector from Cyber Threats

The Biden administration is reportedly considering a first-ever integrated action plan for global water security, linking global access to clean, reliable water to U.S. national security for the first time. At home, the linkage between national security and security of the water and wastewater sector is self-evident by its very definition as critical infrastructure. Yet decades of chronic underinvestment and under-resourcing of federal support to the industry have left this life-supporting and life-sustaining infrastructure vulnerable to cyber threats.

Pain-Free Cloud Security Transformation? There’s No Such Thing

Seemingly all companies today prioritize cloud security as part of a comprehensive cybersecurity strategy, and for good reason. The proliferation and sophistication of cyberattacks bring endless possibilities for hackers to steal and misuse data at a pace previously unimaginable. Ransomware alone rose more than 100 percent in volume globally in 2021, and the expectation is that with such “success,” the rate of attacks will only grow in 2022.
Yet, too many enterprises and smaller companies still struggle with the transformation to the cloud because of the variables that come along with choosing the best product. Lack of awareness about the complexities with the switch, namely technology-related issues and typical adjustments needed to workflows and processes, also contributes to the confusion. Adding to the quandary is the existence of very few companies that are dedicated to cloud security as opposed to general cybersecurity products.

Closing the Cybersecurity Communications Gap: What Every CISO Needs the C-Suite to Know

The role of the Chief Information Security Officer (CISO) has evolved considerably in recent years. So much so that in many organisations CISOs now regularly consult with the CFO, CTO and CEO on security strategy, cyber risk, and how to approach digital transformation. However, while some CISOs have been given a seat at the table on many executive boards, this hasn’t been the case everywhere.
In the past, digital security was a high priority for highly regulated industries such as banks, insurance companies as well as utilities and public sector organisations. But the recent and rapid escalation of online channels in the wake of the global pandemic has made companies in every industry sector a potential target for cyber criminals. This means C-Suite executives need to be fully informed and educated on the preventative steps that need to be taken – and why.

Ethics of the 0-day trade

This is an opinion piece, and an opinion that, I am fully aware, can be controversial in some sectors of the cybersecurity industry. Still, selling the state of the cybersecurity of customers, whom most of us are doing our utmost to protect from the nefarious underbelly of the Internet, is actively undermining the security. And yes, I feel that it is actively undermining the security to sell 0-days to brokers, on the darknet or companies on the Internet, instead of disclosing them to the vendors for patching.
