Weighing Down Cyberrisk Options: How to Make


            Objective Cybersecurity Decisions Without Negatively

            Impacting the Organization’s IT Teams?

            By Mike Starr, CEO of Trackd


            It’s often paid lip service to (or worse, intentionally neglected), and rarely appreciated, but there’s an
            operational  cost  to  be  paid  for  security.  Security  controls  create  inefficiencies,  and  those  security
            measures can also introduce operational risk. By way of example, I recently came across an intriguing
            new anti-malware product that uses behavioral analysis to predict when file encryption is unauthorized,
            and therefore indicative of a potential malware attack. When it identifies such a scenario, it locks the
            encrypted files and those with access to them. Although a valuable backstop against perhaps the most
            common attack today, there is an undeniable operational risk that a false positive could temporarily deny
            file access to legitimate users, impacting the organization’s productivity. In this case, likely a small price
            to pay for a critical layer of security, but it’s important to appreciate that the operational cost is finite, and
            the risk is non-trivial.







            Cyber Defense eMagazine – February 2024 Edition                                                                                                                                                                                                          50
            Copyright © 2024, Cyber Defense Magazine. All rights reserved worldwide.