By Milica D.  Djekic

The first personal computers would appear in the early 80s of the 20th century. Since then the entire technological posture has changed and evolved so rapidly, so today we cannot imagine the home or business without the computing units and the internet connection, so far. The early beginnings of the web era would go several decades to the past and with the first computer’s networks, we would get the first legal regulations and frameworks regarding cybercrime as well as cybersecurity. So, the cyber defense is not that young branch of the human activity and with the very first digital networks – we would get aware of the need for some cybersecurity procedures, tactics, and strategies. Right now, the cyber defense is witnessing its boom and it’s quite obvious such an area would get publicly engaging more than ever before. The reason for that could be that the machines with internet connectivity would become part of our everyday routine and even the most rural landscapes in so developing economies would get that privilege to rely on the web and so common to the entire mobile technologies service.

In other words, the cyberinfrastructure across the globe got so well-developed and accessible nearly anywhere worldwide, so it’s not that strange that the people would see the cybersecurity as so engaging area of their lives and works. Anyone who would want to know anything about the cyber defense could get such a piece of the information simply surfing on the internet or searching his social media accounts. In our experience, even the folks from the low safety and security level societies could demonstrate the impressive familiarity with the cybersecurity for a reason they would spend the hours and hours in front of their screens working so hard on their self-education in the field of the high-tech security. Indeed, those guys would so promptly develop the skill in such an arena and probably if they remain the long enough in such a business they could deal with the great expertise that could contribute to poor and unsafe countries to change for better and gain the better quality of life and work to everyone living there.

Cyber defense is about a risk management

So, the cyber defense would get huge public attention through the past years and so many people over the world would wonder what such a field could offer to us. This question could offer so deep discussion as well as explanation instead of the only brief answer on. Why? The digital networks of today would serve for so many purposes and sooner or later the end-users and consumers could suffer some kind of disadvantage dealing with their assets. Those drawbacks could cost them more or less in the financial connotation and everyone being rational would try to avoid paying more if he can pay less or nothing for something. Also, there are some security concerns getting correlated with the poor cyber defense, so that’s why we must pay strong attention to those requirements. The fact is the entire IT industry would offer the information goods and services that could be the sources for the long-term exploitation needs.

Apparently, cyberspace could be so risky environment and if we do not know how to handle that risk – we would defiantly pay much, much more. Well, the role of the cyber defense is to manage the risk in the cyber domain and if we put such a threat at a reasonable scale – we would consequently pay less. It’s so complicated to mitigate the risk completely, but if you cope with enough skill your private or business networks would be somehow secure. From this perspective, it would seem that the entire global marketplace is suffering the certain lack of the IT security professionals, but – in our opinion – such a shortage could get overcome through so intelligently created training and courses that could teach the people with the quite basic IT skills to get the cyber defense workforce. Also, never underestimate the power of the positive and constructive self-education, because the guys from the developing countries would not get the funds to pay for the expensive training and they would rather choose to sit at home and exercise on their computers on their own developing the skills that would make them getting so capable defense shield to their communities and maybe internationally if they really select to put such a big effort on, so far.

Your manager is a decision-maker to your effort

On the other hand, if we talk about the objective needs of some organization to the cyber defense products and services, so many employees working for such an enterprise would direct you to their bosses to discuss with them anything you want to offer to such a business. Even if there is some IT security department within some firm or company – the cybersecurity manager would talk to his decision-maker before he takes any concrete actions on. So many IT security professionals would use the well-developed assessment forms in order to estimate what they really need for their everyday activities and they would also need the great reporting, communications and negotiation skills in order to stress on with their managers if the entire enterprise could choose the certain way in terms of their cybersecurity progress, so far.

The purpose, the impacts, and the budgeting

The convenient skills are needed in the business world even if you want to convince your decision-makers to approve the funds and the other resources in order make the cybersecurity concerns getting so understandable to the rest of the team and more importantly – the workforce must know the purpose and impacts of those decisions as well as the reasons why such a budget is so necessary to that. The practice would suggest that the people would look for a remedy once they get unwell and only the very few of them would choose to prevent the conditions that got fully treatable once it got diagnosed. No one would die from the cold, but the old person who would not get treated from that condition could develop pneumonia and certainly suffer so fatal consequences. In other words, your computer would not show any serious symptoms if it catches some virus in the cyberspace, but if you do not treat that incident in sense of cleaning your IT network from the malware using some anti-malware solution – you would sooner or later get the collapse of the entire operating system because such a malicious software would not get recognized and removed at the appropriate time.

The difference between business risk and cyber risk

Above all, let’s talk about the differences between the business and cyber risks and why those two terms differ from each other as well as why they could get so similar to each other. The business risk is more about investing your resources either being human or financial by their characteristics into some activity or useful work that could support you in obtaining some kind of advantage on the marketplace. If you choose to make several risky, but profitable steps in your business – you can expect that you would expand your marketplace to many more consumers and clients. On the other hand, cyber risk is more about how you can protect what you already have as well as prevent your organization and staff from so serious financial and security concerns. Maybe investing in cyber defense would not impact your business advantages and new horizons on the marketplace, but you would definitely deal with the more profit at the end of the year because you would need to pay less for the occurrences being the consequence of the cyber insecurity, so far.

Further thoughts

The cybercrime would cost the global economy the trillions of dollars per annum and that’s quite appealing fact. If we put such a finding into our calculation, we can notice that the real business can lose the few percent of their annual profit once they get the target of the hackers and cybercriminals. That’s quite big waste and no one would want to throw such money through the window and give it for nothing. So, if you are the rational decision-maker and if your IT security staffs deal with the adequate skills – you should defiantly get open to their suggestions as well as consult your financial risk team in order to collect the numerous helpful information and advice at the same glance before you make any move on.

About The Author

Milica D. Djekic is an Independent Researcher from Subotica, Republic of Serbia. She received her engineering background from the Faculty of Mechanical Engineering, University of Belgrade. She writes for some domestic and overseas presses and she is also the author of the book “The Internet of Things: Concept, Applications, and Security” being published in 2017 with the Lambert Academic Publishing. Milica is also a speaker with the BrightTALK expert’s channel and Cyber Security Summit Europe being held in 2016 as well as CyberCentral Summit 2019 being one of the most exclusive cyber defense events in Europe. She is a member of ASIS International since 2017 and contributor to the Australian Cyber Security Magazine since 2018. Milica’s research efforts are recognized with the Computer Emergency Response Team for the European Union (CERT-EU). Her fields of interest are cyber defense, technology, and business. Milica is a person with a disability.