{"id":40507,"date":"2021-04-19T18:00:08","date_gmt":"2021-04-19T18:00:08","guid":{"rendered":"https:\/\/www.microsoft.com\/security\/blog\/?p=93312"},"modified":"2021-04-19T18:00:08","modified_gmt":"2021-04-19T18:00:08","slug":"afternoon-cyber-tea-cybersecurity-has-become-a-pillar-of-the-business","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/afternoon-cyber-tea-cybersecurity-has-become-a-pillar-of-the-business\/","title":{"rendered":"Afternoon Cyber Tea: Cybersecurity has become a pillar of the business"},"content":{"rendered":"
<\/div>\n

In a famous two-part episode of \u201cStar Trek: The Next Generation,\u201d Captain Jean-Luc Picard is captured by the Cardassians. During a pivotal scene, a Cardassian interrogator shows Picard four bright lights and demands that he \u201csee\u201d five lights. Picard resists, culminating with him shouting, \u201cThere are four lights!\u201d When I hosted Tarah Wheeler on Afternoon Cyber Tea with Ann Johnson<\/a> to talk about encryption, she shared this particular story about the Next Generation episode during our conversation because she believes it\u2019s a good description of how we should think about encryption.<\/p>\n

In addition to being a Star Trek fan, Tarah Wheeler is an accomplished information security researcher, political scientist, Fulbright Scholar, and author of the best-selling book \u201cWomen in Tech: Take Your Career to the Next Level with Practical Advice and Inspiring Stories.\u201d Just as with that infamous episode, there\u2019s no way to meet in the middle when it comes to encryption according to Tarah. Encryption experts refuse to compromise because it simply isn\u2019t possible when math is involved. Math can\u2019t be half-implemented and taking a backdoor approach to encryption doesn\u2019t work. This can confuse people because protection and the right to data privacy are not fundamental opposites. Instead of having to choose one or the other, companies should balance the two, which will achieve better than a zero-sum.<\/p>\n

Tarah has previously said that the right to private and encrypted communication is a fundamental right of humanity. She\u2019s heartened by the change in the perception of cybersecurity, which is now considered one of the pillars of supporting a business rather than something you bolt on from the side. Cybersecurity is viewed as just as important\u2014and necessary\u2014as keeping the lights on and training employees. Keeping the company\u2019s digital assets safe has become as necessary as those fundamental practices for a modern business, and cybersecurity is as valued as the Human Resources and Legal departments. Securing assets before an attack can occur has become the priority versus cleaning up after a cyberattack.<\/p>\n

This shift toward viewing cybersecurity as a cost center has been one of the biggest changes in international business over the last few years. But Tarah characterizes that shift as reluctant and frustrated. That frustration isn\u2019t always due to attitude; sometimes, it\u2019s because of the difficulty in demonstrating the cost incentives of internally treating cybersecurity like a cost center. However, the money saved from effective risk management is changing that. Some of the most successful cybersecurity departments report up to Risk or Finance and not to Technology. The biggest corporate impact of international cybersecurity has been regulatory regimes like the General Data Protection Regulation (GDPR), the European Union law on data protection and privacy. The passage of GDPR was a big wake-up call for how the US conducted its affairs in corporations because many companies were stunned that compliance on requirements like data deletion would be enforced.<\/p>\n

During our in-depth conversation, we also had the opportunity to explore the concept of \u201cimposter syndrome\u201d in the cybersecurity community, in addition to the changing role of the Chief Security Information Officer in an organization. I invite you to listen to our discussion and learn more about this shift on Apple Podcasts <\/a>or Podcast One<\/a>.<\/p>\n

What\u2019s next<\/h2>\n

In this important cyber series, I talk with cybersecurity influencers about trends shaping the threat landscape and explore the risk and promise of systems powered by AI, IoT, and other emerging tech.<\/p>\n

You can listen to Afternoon Cyber Tea with Ann Johnson on:<\/h2>\n