The post-COVID winners will be those who treat it strategically now

C-level executives must stop looking at cyber security as a mere operational matter: Something which is below them and is dealt with somewhere below them in the organisation. It is the type of mental attitude which is has led to twenty years of maturity stagnation in real terms across the security industry, in spite of the billions spent with tech vendors.

Talking about industry stagnation is a way of highlighting that the security industry keeps going round in circles and that topics – such as the timely deployment of security patches for example – keep coming back regularly towards the top of the agenda, although they have been known – and could have been addressed – for more than a decade.

But as a matter of fact, the situation is getting worse, and firms – large and small – have been facing a non-stop tidal wave of cyber attacks over the past few years in spite of the proliferation of tech products in that space.

Fundamentally, pure operational approaches to cyber security have failed. They have not managed to keep in phase with the digital transformation of many businesses, the emergence of cloud solutions and the de-perimeterization of the enterprise. They have fallen victim to adverse prioritization and internal politics in many large firms or have not been able to focus beyond illusory quick wins.

#cyber security #operational approach #security