90% of all cyber-attacks and data theft can be prevented with good security hygene and compliance, correct behcavior patterns and prevention. There is another side to that coin however. While we can drastically reduce the risks, no amount of training, investment or technology can make our systems completely 100% safe and breach-proof if it’s somehow connected to the internet. And when an old approach stops working, we need to look for a new one.
A radical idea, presented by the Idaho National Lab (INL), consists in selectively shifting away from full reliance on digital complexity and connectivity by identifying the most essential processes and functions and then reducing or eliminating the digital pathways attackers could use to reach them. The consequence-driven, cyber-informed engineering (CCE) method is not a one-time risk assessment; rather, it is to permanently change how senior leaders think about and weigh strategic cyber risks to their companies.
This is the approach we at Semler Company can fully support – you can’t achieve meaningful results or long-term change if you don’t adjust your methodology. Keeping your ear to the ground, being open to new techniques and constant adjustment is the only real way to stay above water in this age of change.