The world of cybersecurity and cybercrime is rapidly evolving and a new vocabulary is developing to match. A relatively new addition to the cyber-lexicon is the concept of a ‘security posture’ or ‘cybersecurity posture.’ What does this refer to?
The cybersecurity posture of an organisation refers to its overall cybersecurity strength. This expresses the relative security of your IT estate, particularly as it relates to the internet and its vulnerability to outside threats.
Hardware and software, and how they are managed through policies, procedures or controls, are part of cybersecurity and can be referred to individually as such. Referring to any of these aspects individually is talking about cybersecurity, but to understand the likelihood of a breach a more holistic approach must be taken and an understanding of the cybersecurity posture developed. This includes not only the state of the IT infrastructure, but also the state of practices, processes, and human behaviours. These are harder to measure but can be reliably inferred from observation.
In the context of managing cybersecurity for organizations, directors and officers must make decisions based on deliberation and a sound appreciation of your overall cybersecurity posture. Understanding individual aspects of your cybersecurity approach is not enough. A holistic approach that quantifies risk and considers the interaction of physical, virtual, and human factors can add great value.
KNow more about the IT analyst salary and job duties.