Security departments are growing out of their seams. While demand for cybersecurity professionals is growing, finding and retaining good staff takes hard work. According to the 2022 (ICS), 2 Cybersecurity Workforce Study 1, about 70% of respondents said their organizations don’t have enough cybersecurity employees. And while the number of professionals is growing, security is not at its required levels yet. Are we utilizing our resources wisely? If so, you can ask, why then are companies still being hacked? Maybe we are doing something wrong here because cyber threats and regulatory requirements are increasing in this digital era. This article will endeavor to address several generic pitfalls and industry-specific flaws that require attention. Current situation The current approach in cybersecurity needs to be corrected at its basics. Some take the word cybersecurity literally and “try” to protect “cyber,” which is undoable since cyber as a concept is endless. This makes cybersecurity a “wicked problem.” In 1973 design theorists Horst Rittel and Melvin Webber suggested that wicked problems have specific characteristics: They do not have a definitive formulation. They do not have a “stopping rule.” In other words, these problems lack an inherent logic that signals when they are solved. Solutions to wicked problems are not true or false or right or wrong, but rather better or worse. There is no end to the number of solutions or approaches to a wicked problem. Wicked problems can always be described as the symptom of other problems.
Full Article
