Effective cybersecurity requires awareness of a host of nontechnical factors, or hidden dynamics. These dynamics are not lines of code or circuits etched into silicon that only engineers and programmers can comprehend. Rather, they’re business factors that you already know but might not have associated with cybersecurity.
First, we address the dynamic we call the “chimera of compliance”—the inherent limitations of cybersecurity standards and the regulations based on them as a way to determine a company’s cybersecurity posture. Next, we look at the second dynamic, “employee motivation”—how employees simply trying to excel at their jobs can engage in behavior that creates new cyber risks for their company. Then we examine the ...