Cybersecurity is facing a crisis, and it’s time we stopped avoiding it.
It doesn’t matter that adversaries are more aggressive and savvy, the way we’re talking about them is a bigger part of the problem, writes John Kindervag, Chief Evangelist at Illumio. We’ve clung onto the concept of “risk management” for too long now, a term couched around calculated probabilities and acceptable losses. It’s a reassuring framing that offers a sense of control. But it fosters complacency.
When it comes to defending against cyberattacks, probabilities don’t matter. Action does.
That’s why I propose we stop talking about “risk” and start talking about “danger.” Danger doesn’t wait for analysis or negotiation. It demands vigilance, readiness, and immediate action.
This isn’t just a case of semantics – it’s a shift in both mindset and strategy that we need to combat attackers who are more motivated and capable than ever.
A personal story behind danger management
My belief in the need to replace “risk” with “danger” stems from a very personal experience. We’ve all heard the action hero quip about “danger being my middle name.” Well in the…
