Member-only story
All Cybersecurity Is Local When The Balloon Goes Up
And The Balloon Will Go Up
Cybersecurity professionals know that cyber threats can come from anywhere: a nation-state actor from another country, organized crime syndicate from another state, a vendor error, or an inside threat.
We understand that our operating environment isn’t really our own; instead, we share it with our supply chain that spans the globe, with partners and customers who expect online connection from anywhere, any time. We operate as part of an ecosystem of technology and data and processes, accountable for running just a small part or it, but owning most of the risk.
But when the inevitable cyber incident happens, we are immediately on our own. It’s up to us to manage the incident, independent of anyone else. It is up to us to evaluate the impact to our business, and report out to stakeholders. Even if vendors or non-profits or think tanks do some research on a class of vulnerabilities, or a type of threat actor, it is still up to our individual organization (and security team, and security leader) to weather the storm of the actual event.
And some of us simply can’t weather the storm.
In March of 2025, the United States White House issued an executive order that pushed ownership of cybersecurity incident response and…
