Sample (analysis follows):
The cyber security threat landscape is awash in an ever changing fabric of “slings and arrows”. It’s not just a matter of “if” script kiddies will attack the enterprise but “when” nation states. And big, big breaches.
Before the 20th century, there are only two recorded Denial of Service attacks: the burning of the library at Alexandria in 391 A.D. and the destruction of the Mayan codices at the hands of the Conquistadors in the 16th century. This trend accelerated in the 20th century with events such as the Nazi book burning of the 1930’s and the periodic removal of books deemed offensive from the shelves of US public libraries.
While all these events were of different scales, they set the tone for periodic and systematic assaults launched against today’s enterprises. And there is no real perimeter anymore.
The C-suite’s concern for cybersecurity is genuine, but it requires that the security professional have the business acumen to speak not just bits and bytes but strategic focus and ROI as well. While budgets remain constrained, there is always the opportunity for improvements in the technology of the security stack. And BYOD.
Indeed, insiders pose a significant if under-estimated threat to the Enterprise’s data. So much so that while an individual’s daily activity on the system can be reduced to 10-12 salient events, beginning with logging on and ending with logging off, it is not that simple. Meaningful heuristics require that logs be measured, managed and analyzed at thousands of EPS (events per second). And the cloud.
Finally, we understand that the gaps identified in any given risk assessment can be focused on the product suite under discussion, bringing in a new era of remediation and peace of mind not experienced since before the internet created the inter-connected world of commerce. And big data.
The components of the cyber security whitepaper (a broad generalization):
- [Things are new; use colorful language]
- [Breaches are big and scary]
- [Historical references to ensure this is taken as scholarship]
- [Executive’s concerns/values/interest]
- [Insider threats as a new discovery]
- [Analysis, analysis, analysis]
- [Gratuitous references to: the perimeter, BYOD, the cloud, big data]