Illusion, work-in-progress, unachievable goal or some of each? We each have a perspective about cybersecurity.
And the perspective likely changes frequently. Hacked and tracked defines life in the digital world. But on the days that we receive no advisories about a hack involving our data or an alert that a tracker has been placed on our phone, we carry on with caution.
How much caution? It’s a digital/electronic world and we can spend all our time installing and monitoring apps that promise more security. Or we can strike a balance for living with the truth: Cybersecurity is mostly an illusion.
As long as there are thieves, there will be no absolute security. A safe that could not be cracked could be blown up. The most innocent-looking rail or stagecoach passenger could be a robber in disguise. No period in history offered firm security.
And our period is no exception. The scale of the theft/disruption is, however, new.
“A single hacker sitting anywhere in the world can potentially access data or disrupt systems across the globe in seconds,” says Gus Alexander, CEO of FNA Group in Pleasant Prairie, WI. “That kind of reach is unheard of in traditional crime.”
And, explains Alexander, the speed at which digital theft can happen means it can elude immediate detection. “Think of ransomware or data breaches that go unnoticed for months.”
There’s a second novel aspect. “Digital theft often involves copying rather than taking,” says Alexander. Thus, the owner may not know anything has gone missing.
“Criminals can mask their identity with sophisticated tools like VPNs, the dark web, or botnets, making attribution extremely hard,” explains Alexander. “The concentration of value in cyberspace, [aggregates] such as financial systems, health records, intellectual property, and personal identities are all stored and transacted online, amplifies the risk.”
Although we have all been warned repeatedly for many years to be wary of phishing schemes (emails) and the vulnerability of outdated software, the two areas continue to be weak and easy entry points for hackers, explains Alexander.
Just as there’s no such thing as absolute security in the real world, there is none in the cyberworld. As in the real world, security – to the extent it can be achieved – hinges on “risk management and threat mitigation,” explains Alexander.
Why? “Every system has vulnerabilities, especially as tech evolves and attack surfaces expand,” says Alexander. “What’s secure today will be obsolete tomorrow due to new exploits, tools, or adversarial tactics.”
We can reduce risks and detect (some) breaches, and we can respond to them, explains Alexander. But we cannot eliminate them entirely.
“We have a very robust system that detects a potential cyber security attack but professionals that I have spoken to prefer terms like ‘cyber resilience’, ‘information assurance’, or ‘risk management’ because they more accurately reflect the dynamic, defensive posture of their field of expertise,” says Alexander. He adds that the word ‘cybersecurity’ may set up false expectations for the public and organizations.
We all know the adage that the strongest chain will be broken by the weakest link. And, unfortunately, the weakest link in cybersecurity is often a momentary lapse in judgement.
Human behavior, such as team members not following protocols, can lead to a breach. “People fall for phishing, use weak passwords, ignore updates, or bypass security for convenience,” says Alexander. “Even with strong tech in place, one click can open the door.”
Even with all team members vigilant, risk is ongoing. “New threats emerge constantly — zero-day vulnerabilities, AI-enhanced attacks, advanced persistent threats [among them],” says Alexander.
In addition to human behavior and the speed at which threats emerge, there are other significant weak spots, says Alexander. “As companies adopt cloud services, remote work and mobile tech, there are just more entry points to secure. And even if your systems are tight, third-party vendors might expose you.”
The level of risk can overwhelm new and growing businesses. Where to begin? That becomes the question they ask themselves.
Alexander’s advice? “My top recommendation is as follows: Start with a cybersecurity risk assessment.”
“The assessment details what’s a risk – data, systems, processes,” explains Alexander. And it identifies the most likely threats and biggest vulnerabilities. It is the guide for prioritizing actions that will improve security (reduce risk).
Employee training follows as an immediate second to the assessment. “Teach staff how to spot phishing and follow basic computer hygiene,” says Alexander. “Strong passwords plus multi-factor authentication, which is easy to deploy, highly effective.”
Perform regular system backups, and test recovery too, says Alexander. “Finally, constantly patch and update, which will keep your system and software current. At the end of the day without knowing your risks, you’re just throwing darts in the dark.”
Since 2018, the United States has had an agency dedicated to cyber- and physical (infrastructure) security. The Cybersecurity and Infrastructure Security Agency (CISA) is part of the Department of Homeland Security (DHS).
How is CISA doing? Given the torrent of threats and negative events being reported, we could conclude ‘not well’. On the other hand, we don’t know how many threats were thwarted.
Anyone who retains a complacent view of the status of cybersecurity – as in, all is well – should take a moment to visit the CISA website (https://www.cisa.gov/) and review updates and recommended actions.
The early days of May include reports of “unsophisticated” entities targeting operational technology (OT) and industrial control systems (ICS) both inside and outside government. The bottom-line recommendation from CISA regarding how to be prepared to respond is to be sure an organization has the capability to convert to manual operations.
How many readers are prepared to convert immediately to paper? Could schedules, invoices, work orders, inventory and shipping records be found?
Again, if in any doubt about how vulnerable we are given our full immersion in the cyberworld, visit the CISA website. CISA, as well as the FBI, provides many suggestions about how to reduce risk. (The FBI’s most recent warning was to update old routers.)
Worrisome is that some recommendations from CISA seem dated. For example, “limit personal information you share online.”
Appraising cybersecurity from a broad vantage, we might conclude that there is a misalignment between the threats and the actions being taken by the nation to combat them. (This is the writer’s view.)
Today, our federal government – or part of it – is taking up the plans for a Golden Dome, or missile defense system, to protect the country. One could ask whether the threat from cyberattack is not greater and more immediate than the threat from missiles.
After reading the April 3 (2025) press release from CISA, which is titled “Fast Flux: A National Security Threat”, many might conclude we are more vulnerable than we imagined. Networks with gaps in security have been lagging behind in detecting malicious actors that exploit fast flux techniques.
With fast flux, cybercriminals evade detection by rapidly changing DNS (domain name system) records. In addition, they can create command and control infrastructure that conceals subsequent malicious operations, according to the CISA press release.
The foregoing is the nugget version of fast flux. Read the entire release at the CISA website to grasp just how fragile our cyberworld is. (Being prepared to go manual doesn’t seem adequate preparation.)
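For readers who run their own DNS resolvers, here is an added example (not from the article or from CISA) of how a defender can flag the rapid DNS record changes that define fast flux. The record layout, the thresholds, the /24 grouping and the sample observations are all assumptions made for illustration.

```python
from collections import defaultdict
from ipaddress import ip_address, ip_network
from statistics import median

# Constructed passive-DNS observations: (epoch seconds, name, A record, TTL).
SAMPLE = (
    # Many addresses across unrelated networks, short TTL: flux-like.
    [(1000 + 60 * i, "flux.example.org", ip, 60) for i, ip in enumerate(
        ["192.0.2.15", "198.51.100.23", "203.0.113.8",
         "192.0.2.77", "198.51.100.140", "203.0.113.201"])]
    # Many addresses, short TTL, but one network: looks like a hosting pool.
    + [(1000 + 30 * i, "pool.example.net", f"198.51.100.{10 + i}", 30)
       for i in range(6)]
    # Two addresses, long TTL: ordinary site.
    + [(1000, "shop.example.com", "192.0.2.10", 3600),
       (2800, "shop.example.com", "192.0.2.11", 3600)]
)

def fast_flux_candidates(records, window=600, min_ips=5, min_nets=3, max_ttl=300):
    """Return {name: (distinct_ips, distinct_nets, median_ttl)} for names whose
    IPv4 answers inside any `window`-second span churn like fast flux."""
    by_name = defaultdict(list)
    for ts, name, ip, ttl in records:
        by_name[name.lower().rstrip(".")].append((ts, ip_address(ip), ttl))

    flagged = {}
    for name, obs in by_name.items():
        obs.sort(key=lambda o: o[0])            # order by timestamp only
        for i, (start, _, _) in enumerate(obs):
            span = [o for o in obs[i:] if o[0] - start <= window]
            ips = {o[1] for o in span}
            # Group addresses by /24 to measure spread across networks.
            nets = {ip_network(f"{ip}/24", strict=False) for ip in ips}
            ttl = median(o[2] for o in span)
            if len(ips) >= min_ips and len(nets) >= min_nets and ttl <= max_ttl:
                flagged[name] = (len(ips), len(nets), ttl)
                break                           # first suspicious span is enough
    return flagged

if __name__ == "__main__":
    for name, (ips, nets, ttl) in fast_flux_candidates(SAMPLE).items():
        print(f"{name}: {ips} IPs in {nets} networks, median TTL {ttl}s")
```

Content delivery networks also rotate addresses with short TTLs, so a hit is a lead to review against an allowlist of known providers, not a verdict.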