January 28th, 2019 was #DataPrivacyDay and on the 29th, we released our podcast with CISO, Mike Watson from the Commonwealth of Virginia. So I figured, why not finish this week off with a blog post that is focused on security. We are going to make it #SecurityWeek…
It really should be more like, #SecurityForLife because in reality, security never sleeps and it never dies. It is a part of everything we do these days because technology seems to be about everything we do. There isn’t a conversation about technology that should NOT include security. The reason why this is the case is purely because humans are the weakest link. Humans are the one that leave the Amazon S3 buckets open, we are ones that click the links in the email, we are the ones that don’t patch the servers, and we are the ones creating the horribly simple passwords.
And when you leave people responsible for security you make mistakes… for example, Apple had to pull group FaceTime because of a security flaw. Now I understand that humans are still involved with everything but when you can augment our tasks with orchestration / automation and artificial intelligence (we won’t bring up bias in this post) you can really drive change. What is more important about augmenting our security tasks with transformative technologies is that it frees us up to focus on more important things and to finally stop toiling.
Listen, all of these capabilities that we talk about on our podcasts are great. I love telling stories of how companies are making a difference with data, I love hearing how vendors are helping companies be successful but we can’t ignore the topic of security when discussing these capabilities. I understand that sometimes we forget or maybe the topic isn’t sexy, but do you forget to put your seatbelt on? Do you forget to lock your car doors or the door to you house? Probably not… and if we don’t remember and something bad happens, well… then what.
Security is an essential part of every story because it is the one way that we attempt to stay safe. It is important that we all the tools at our disposal to truly put the focus back on security. And who doesn’t want to stay safe. So my ask…? Well when you are working on a project, ask who on the security team has been updated on the project. Ask about authentication. Ask what the access levels are. Ask what layers of security are being implemented. When you talk to a vendor ask about automation tasks. Ask how they develop their software. Ask about their artificial intelligence capabilities. Ask them about their security story. Car companies are great about telling you their security story. And you expect that… but why not for other companies? We will never, ever be 100% secure but we can certainly do everything we can to make it pretty damn close. Then we can all be #SecurityForLife!