cyber security made easy
  • Quote Robert Mueller

    Quote Robert Mueller

  • quote - kevin spacey

    quote - kevin spacey

  • quote - amy pascal

    quote - amy pascal

  • quote - brian brink

    quote - brian brink

  • quote - chris fischer

    quote - chris fischer

  • quote - chris frei

    quote - chris frei

  • quote - dennis chesley

    quote - dennis chesley

  • quote - dido harding

    quote - dido harding

  • quote - erik avakian

    quote - erik avakian

  • quote - george grachis

    quote - george grachis

  • quote - ginny rommety

    quote - ginny rommety

  • quote - john legere

    quote - john legere

  • quote - malcolm marshall

    quote - malcolm marshall

  • quote - thomas naylor

    quote - thomas naylor

Cyberspace is VUCA.
VUCA stands for Volatile, Uncertain, Complex, and Ambiguous. VUCA is a term used by the military to describe the environment and challenges they face when dealing with threats and dangers. Cyberspace like the military field of battle can also be considered as VUCA. Organizations who have embraced cyberspace in running their day to day operations need to be fully aware of those threats and dangers. And IT security personnel who are responsible for the organization’s critical assets should realize that they live in an environment that is VUCA. 

Let us understand how cyberspace is a Volatile, Uncertain, Complex, and Ambiguous. 

Volatile means "liable to change rapidly and unpredictably, especially for the worse". This is exactly the kind of environment that IT security practitioners prepare for every day. Millions of new malwares are created, new vulnerabilities discovered, attack vectors are constantly shifting, stable systems are under threat of being compromised, legitimate websites are being defaced in reaction to geo-political events, and users are bombarded with hundreds of phishing emails.
Uncertain means "not able to be relied on; not known or definite". IT security personnel in most organizations work with very limited data about their environment. The big challenge is knowing exactly what systems are out there. Mobility of users and the proliferation of tools and technologies that business units adopt with or without the knowledge of the IT security personnel add to the challenge. Then there are the cyber threat actors, the bad guys. You don’t really know who they are, what their underlying motives are, and what their capable of doing.
Complex means, "composed of many different interconnected parts, so complicated or intricate as to be hard to understand or deal with". All new systems bring with them added complexities. IT security policies to protect the organization’s critical assets may not optimized for operations and performance. In the end, the organization pushes for better operations and maximum performance at the expense of stronger security. A complex environment will require skilled and experienced IT security people. which are scarce and expensive.
Ambiguous means "of doubtful or uncertain nature; difficult to comprehend, distinguish, or classify". This has always been the challenge of IT security personnel as everything looks grey, was it a hacking attempt or an honest mistake by an employee. All security tools generate huge amounts of logs and event data. What do you do with such data? How do you filter out the noise to reveal the real threat? What else do you need to investigate an anomaly or incident to determine if it’s a real threat. This may require a different set of tools and skills.
At ITSDI, cyber security is in our DNA. We help orgnaizations deal with the threats and dangers in cyberspace, an environment that is Volatile, Uncertain, Complex, and Ambiguous.

We make cyber security easy.