Category Archives: The Information Security Profession

Allegory for Information Security

Allegory is a powerful tool to explain a complex topic or summarize it, so many times I  explain that Information Security should be like the atmosphere – it should be transparent (not felt, not bothering), it should prevent bad things (asteroids = malware/other attacks) from coming in, and prevent good things (like oxygen = sensitive/confidential data) from getting out.

Cyber attacks are more certain than fire and theft risks for businesses

The insurance company Aviva conducted a research about cyber risks and one of its main conclusions was:
… the research found that businesses are 67% more likely to have experienced a cyber incident than a physical theft and almost five times as likely to have experienced a cyber attack as a fire.
If the numbers are real and it not just a PR to sell more cyber insurance – then I think it is a landmark in the history of information security – a major “upward” step in the risks ladder, getting closer to certainty in the probability scale.
As I always say – much of our work in cybersecurity is not technical, it is fighting repression, the mentality pushback by humans we work with about dealing with digital risks, and this research may help us by having a statistical evidence that cyber risks are not accidental, they are intentional (be it either a personal or generic targeting) and they are bound to happen, to only question is if we will do something about it.

I am available immediately for a new job

Hello admirers, fans and website visitors,

I am now immediately available for a new job, as an employee or as a freelancer, of course in the field of information security.

You can find more professional details about me and also contact me on my LinkedIn profile page, on my freelancer website – Vigorous Security (in Hebrew and English), and reach out to me on the contact form on this website.