Abstract
Modern CIOs handle a multitude of roles within their companies, from deciding the strategic orientation of the IT environment to keeping data centers and devices running smoothly. As if this wasn’t enough in terms of responsibility, CIOs also bear ultimate responsibility for the security of data, applications and the IT infrastructure. Although ensuring the safety of the company’s digital assets has long been one of the core elements of a security strategy, new adversaries such as government-backed hacker groups, cyberespionage teams out for a quick profit and politically motivated activists have resulted in a “red alert” status for digital assets. And yet, while the current threat from these numerous attack vectors should be taken deadly seriously, many companies still believe that antivirus software, a firewall or simply taking a hush-hush approach are adequate precautionary measures. Antivirus software and firewalls are of course essential, even though both systems only form building blocks of an overall security model. But the time has really come to drop the idea of seeing security as a taboo topic not to be discussed in public. “Security by obfuscation” used to be considered a legitimate security strategy: If we don’t publish any information on a topic, then we’re not giving away any useful data—right? Wrong! Pretty much every proprietary software or hardware has now been hacked, simply because attackers found a loophole that manufacturers had overlooked. Which is why open source software is considered more secure: The multitude of auditors and developers picking through the code maximizes the number of vulnerabilities detected and the speed of their discovery. Going it alone, hidden away behind closed doors, is not how IT security works. Attackers recognized this a long time ago, of course. Since hacking is a collaborative, team-based effort, why shouldn’t the good guys do the same?
Copyright information
© 2017 Springer International Publishing AG
About this chapter
Cite this chapter
Schneider, R. (2017). IT Security: Stronger Together. In: Abolhassan, F. (eds) Cyber Security. Simply. Make it Happen. Management for Professionals. Springer, Cham. https://doi.org/10.1007/978-3-319-46529-6_6
DOI: https://doi.org/10.1007/978-3-319-46529-6_6
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-46528-9
Online ISBN: 978-3-319-46529-6
eBook Packages: Business and Management (R0)