Why Is It?

Posted on November 20, 2012 by mclaukl

Why is it that Internet Crime statistics continue to show that for the criminally inclined internet crime is a very viable and fast growing field?

Why is it that millions of dollars are stolen from end users who simply fail to pay attention to the basics of Information Security like strong pass-phrases and “don’t click the link”?

Why is it that in March of 2010 there was a breach of University student’s personally identifiable information (PII) that numbered over 3.3 million identities being stolen?

Why is it that in 2012 there was a breach of over 6 million IDs from the state of South Carolina IT Infrastructure?

Why is it that online banking theft is at an all time high with thefts against mid size business and metropolitan areas taking center stage?

Why is it that even though unheard amounts of information is being stolen daily that non-cyber security professionals are still very vocal in explaining to experts in the field of cyber security why passwords, pass-phrases, encryption and other basic controls don’t work and are too cumbersome?

  •  Yet in most breach cases if basic information security controls and best practices like defense in depth would have been in place and followed the breach would not have occurred

Why is it that the non- Cyber Security professional’s opinions on what Cyber Security controls are important are often given more weight than the Cyber Security professional’s opinions within an organization?

Why is it that Senior IT and Business managers within an organization still won’t listen to the Cyber Security professionals they employ when it comes to building and maintaining an effective security and control infrastructure?

Why is it that Cyber Security professionals still don’t have the voice they need within most corporations (Government, Public and Private) to actually protect the organization’s data?

Why is it that blame for failure to protect corporate data is quick to be placed on the shoulders of Cyber Security professionals who weren’t listened to in the first place?

Why is it that as experts we really do have the knowledge and ability to protect sensitive corporate data but in most organizations we are not given the power to do so?

Why is it that rhetorical questions are not answered?

© Kevin L. McLaughlin – properly cited use is encouraged

About mclaukl

Professional Certifications - Certified CISO, CISM, CISSP, PMP, ITIL Master Certified, GIAC Security Leadership Certificate (GSLC), CRISC. Kevin also holds Certificates in the Advanced Principles of Information Security and in Advanced Information Security Research Methods from Jones International University. Kevin L. McLaughlin began his career as a Special Agent for the Department of Army. He was responsible for investigating Felony crimes around the globe. He has had many careers over the years, including being a Police Officer in Kissimmee Florida, an Investigator for Mastercard/Visa, a Middle School teacher, a Director at Kennedy Space Center (where he worked with Fred Hayes, James Lovell, Armstrong, Sheppard, etc.), the President of his own company, an IT Manager and Senior Information Security manager with the Procter & Gamble (P&G) company (fortune 35), a CISO at the University of Cincinnati and a Senior Information System Security Manager for the Whirlpool Corporation (fortune 125). Kevin has also been an adjunct since 1992. While at P&G Kevin created one of P&G’s augmentation outsourcing teams in India. Kevin designed and implemented this India team and it won a global Gold Service award from Atos-Origin and has acted as a model for countless corporate relationships since. Over the years Kevin has: created an Information Security program conducted Information Security Strategic planning designed Information Security solutions, investigated over 700 Cyber cases and operated a Global Security Operations Center. • Education - MS in Computer Science Education, BS in Management of Information Systems * PhD in Cyber Security, University of Fairfax
This entry was posted in Uncategorized and tagged , , , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s