Cybersecurity Education and Practice: Never Stop


                                                       Learning

                                    By Ken Sigler, Dan Shoemaker, and Anne Kohnke


            As the number of industries, organizations, and educational institutions continue to recognize the
            scope and impact of cybersecurity, the means in which the crisis is approached cannot be made
            haphazardly.  For  many  years  cyber  professionals  have  been  able  to  apply  consistency  within
            practices  aimed  toward  minimizing  the  effects  of  cyber-attacks  by  using  international  and
            domestically  adopted  standards,  guidelines,  and  frameworks.  These  standards,  guidelines,  and
            frameworks aim to put into context how some facet of cybersecurity should be accomplished. While
            well-intentioned, this wide array of sometimes overlapping standards can be quite overwhelming to
            the practitioners and organizations that need them the most.

            Organizations tend to fit into one of two categories when considering their adherence to standards
            and guidelines. Many take the unsystematic (and sometimes chaotic) approach by either ignorantly
            or willfully neglecting the value of standards and guidelines or by ignoring them entirely and just doing
            their own thing. It is those organizations that find themselves strapped with the complexities and
            budgets of recovering from data breaches, much less understanding how the breach happened in
            the first place.






            Cyber Defense eMagazine –June 2020 Edition                                                                                                                                                                                                                         29
            Copyright © 2020, Cyber Defense Magazine.  All rights reserved worldwide.