Happiness is, intrinsically, a human desire to seek positive feelings of personal satisfaction. Although there are several theories to achieve it, there is one that is probably the most basic, although distorted and limited, called ignorance.
With ignorance about information or about knowledge, it doesn’t matter to know about what surrounds us, what data there is, what risks we have or if we are facing technical problems. The saying “eyes that don’t see, heart that doesn’t feel” applies, that is, we will be disconnected in reality, but at the limit happy temporarily because we have nothing to worry about.
On the other hand, there are those who have faith in religions, in spirits, in justice, in science, in technology, in love, in humanity, or in other more or less rational, more or less emotional structural bases, with the objective of guaranteeing comfort, guidance or personal hope in times of uncertainty. Having an unshakable and radical faith in something, in the face of the adversities we face, we tend to wait for something or someone to solve the problem, without having to do anything: it appears to us done!
There is yet another feeling, which is the mania that we know everything, or that we completely dominate “our backyard” and that we are unbeatable. This is a feeling that is often associated with someone whose ego is “bigger than the world” or with someone afraid to show their weaknesses by creating high-dimensional theaters to obscure their limitations. In both situations we are facing problems of lack of humility or recognition of real capacities and competences.
To what extent do these three human characteristics relate to cybersecurity? Simple: they all often symbolize the business reality with which we face this technological challenge, based on disruptions in the digital world and with a direct impact on the physical world.
There are several cases of conversations or meetings in the business environment, where the ignorance of managers, often supported by specialists in theory and not in practice, where the faith that “everything can be solved”, taking into account that until now they have had no problems and when there is one whether it will be resolved, or where the altruism of having invested in a firewall, when hiring a technician, or even because “it was us” who did the installation of the entire infrastructure environment, there will be nothing so unbeatably “cybersafe”.
However, with cybersecurity we can only guarantee one certainty: the certainty of our fragility. Just as there are no infallible software, neither will digitally and socially cybersafe companies exist.
Paying ransoms of thousands of euros is not having faith… it has another name! Not having an intelligent monitoring and alarm system is not guaranteeing happiness through ignorance… it has another name! Considering that we did everything right, in particular having closed all external and internal access well, forgetting the essential phenomenon of awareness and creation of a cybersecurity culture, avoiding social engineering attacks… it has a name!
Only with a recurrence of daily actions, with the definition and effective implementation of a cybersecurity strategy, with technical training and renewal of technical and management skills, with the sharing of cases with partners or with the effective implementation of continuous innovation processes , we will manage to be knowledgeable and aware, although concerned, to be believers, although with a necessary preventive proactivity, and to be humble, although strengthened by the assumption of weaknesses and the search for help.
In cybersecurity, more than waiting for something to happen for us, it is ensuring that we play in anticipation and digital and physical sustainability in any organization of the 21st century.