Do We Need to ‘Disrupt’ the Cybersecurity Status Quo?

Maksim Kabakou/

Next month marks 10 years since DHS first marked Cybersecurity Awareness Month. Is the cyber conversation stuck in 2004?

Next Wednesday marks the beginning of the 11th annual Cybersecurity Awareness Month.

The Department of Homeland Security says the month is designed to “engage and educate public and private sector partners through events and initiatives with the goal of raising awareness about cybersecurity and increasing the resiliency of the nation in the event of a cyber incident.”

In anticipation of the celebration – the National Cyber Security Alliance has deemed it something to “celebrate.” 

I have not written a great deal in the last several months about cybersecurity. In fact, one of my posts earlier this year noted that it seemed as if there was cybersecurity overkill going on, and I wanted to step back and take a deep breath and do an inventory of cybersecurity policy. 

Now, as we embark on a month of “cyber-celebration,” it seems like a good time to step back into the fray and give some thoughts on the topic. 

Specifically, I thought it would be helpful to look at how we could “disrupt” cybersecurity in the way Netflix disrupted video watching, Uber disrupted the taxi/car service, Zillow disrupted how we went about making housing decisions and other companies are disrupting various aspects of how our lives and technology intersect.

I did a search on “cybersecurity disrupters” and a few things popped up -- but nothing that made me think, “Wow, this changes the game.” 

So, a few topics to throw out for discussion over the next few weeks.  I’ll write more on each of them throughout the month.

  • Policy disruptors:  Since the mid-1990s, the policy debates in D.C. have been focused on information sharing and critical infrastructure protection.  Legislation, executive orders and presidential directives, as well as various reports have all pontificated on the topic.  Maybe it’s time we move beyond the current policy debates to something else that can move the needle on cybersecurity. 
  • Data breaches vs. cybersecurity:  The two topics have been bifurcated in the policy debates and discussions among thought leaders. Why?  Shouldn’t they be the same?
  • Weaponization and offensive actions:  This may be one of the biggest disruptors of them all as we start afresh with a path forward on cyber weapons.
  • Post-Snowden cybersecurity:  The struggle over surveillance and law enforcement-processes amid technology reforms.

These areas are ones where disruption could be game-changers.  As I discuss them over the next few weeks, I welcome feedback and thoughts -- especially if you think there are other areas I missed.

Stay tuned. 

(Image via Maksim Kabakou/