The cyber security industry has been around since back when the internet as we know it was brought to life in 1983 when they switched the TCP/IP on for ARPANET (probably even before then). Oh sorry, it would have been called “Information Security" back then and guess what it is still the same thing. Some people somewhere wanted a more marketable name, so they started to call it cybersecurity or cyber security. The sad thing is that this new buzz name for our industry that has been around for a couple of years or more now, we are all arguing about how we bloody spell it. Honestly, I don't really think it matters that much and we should focus our attention on more important things like how we can catch cybercriminals in our network faster (they are probably already in there we just have to catch them).
Never the less, I keep seeing this topic on social media and it was at the AusCERT2019 conference last month. They actually had a vote on this in one of the talks (I don’t remember which one specifically) where they asked people to raise their hands for which way they thought it should be spelt. The “Cyber Security” two-word method for spelling it was undoubtedly the winner in that vote with I would say more than 70% in its favour. As many of you would have seen in my article I was voting on the opposite side of that vote as I have always written it "Cybersecurity" in all my writing but if the industry thinks it is two words, not one then who am I to say otherwise.
From this moment forward I will try to remember to use two words not one in my articles or any other writing that I do (I may slip up every now and then. I am not perfect). Okay, so that is my pledge lets quit arguing about how to spell this buzz word name that has been given to our industry and actually start to focus on the more important things like what brand is best for security professionals to drink to ensure maximum efficiency. No, what about the best security platform to use to protect your systems (that’s certainly more important) but even that doesn’t really matter.
Each person will have their own opinion on things, the best platform to use, favourite colour, favourite brand of shoes, best all-time car brand or car (Old school mustang fan myself). Does it really matter if I like Apple phones and you like Android it means nothing, seriously nothing at all? By now, I am sure you understand what I am trying to point out to you, but I will cover it a bit more just to ensure my point gets across to everyone.
In “Cyber Security” or “Cybersecurity” whichever way you like to spell it, we have so many problems that we need to focus our attention on resolving as a community like diversity, breach after breach with no sign of slowing down with no real sign of a solid solution (I still think we need to all do the basics better that will certainly help). Maybe we could work out how we can all come together as a united front to fight the avalanche of attacks, together we may actually stand a chance.
So, what I am saying is let’s forget about how we spell a silly marketing name for our industry and either just straight out pick one (which will probably never happen) than actually get on with what is important. Protecting all the systems we are collectively responsible for. It’s a big job and will require our full attention and is obviously more important than how we should spell a word don’t you think.
What about diversity? Diversity is a massive problem in our industry, with a low percentage of female members coming into and staying in the industry. CSO, as well as many other organisations, are already focusing on this problem with voting recently closing for the “women in security” awards, which is a great initiative. There are so many initiatives I can’t mention them all but shouldn’t we focus more attention on this? I think we should, maybe we could even use some of the excess energy we have to find a way to go beyond diversity for men and women but race, background, education and more. We want to have as many different viewpoints as we can to have any chance to be successful in really making a difference in our industry. Let’s not get too distracted with pointless arguments and aim for true diversity in all forms, it will be a benefit to us all.
What about collaboration? I mean real collaboration in our industry to help share intel, help each other learn how to better protect ourselves? I have covered this before in previous articles and I will cover it again because it is important. We need to look beyond competition and try to be better together, if we can see past the possible roadblocks that keep us from working together we could really make a difference. I am part of collaborations that bring together people from very strong competitors but, in that room, we are not enemy's anymore, we are there for the same goal "protect our clients and our own networks" a truth that forgets everything else.
So instead of wasting all our time arguing about a name lets put this to rest now and put our attention into one of the more important problems we need to focus on. What do you think? Can we do that?
Now that I have got that rant off my chest lets get back to cybersecurity like we should be, oh bugger I have already messed up and spelt it wrong. I will try harder (maybe). As always let me know what you think, do you care about how this is spelt and think it is worth our time to sort this out? Should CSO run a poll on the correct way to spell this and announce the winning version? Seriously tell me what you think, I want to know but let's not waste any more time on this then is needed. If we want a decision lets take a vote on this and put it to rest once and for all.
Till next time…