The  Undeniable  but  Often  Overlooked  Human  Element  Of

            Cybersecurity



            By Sam Rehman, SVP, Chief Information Security Officer at EPAM Systems, Inc.


            It is firmly established that there is no such thing as 100% security – in fact, a security breach is not a
            matter of ‘if’ but ‘when.’ In other words, risk will always exist, and businesses need to shift their thinking
            from completely neutralizing it (which is impossible) to managing it accordingly.

            Despite this reality, many business leaders unfortunately  expect and demand 100% security from their
            teams. Because such a posture is impossible, companies will settle for a false sense of security to allow
            their people to function. This mindset is not only incorrect but irresponsible.

            Business  leaders  must  abandon  this  outdated  notion  of  100%  security  and  adopt  a  mindset  of  risk
            management. This strategy asks questions about the size of the blast radius and how long it takes teams
            to  detect  and  remediate.  Such  an  approach  also  recognizes  that  humans  play  a fundamental  role  in
            cybersecurity – namely, managing risk – and adjusts strategies and processes appropriately.






            Cyber Defense eMagazine – July 2024 Edition                                                                                                                                                                                                          51
            Copyright © 2024, Cyber Defense Magazine. All rights reserved worldwide.