If we can’t even take care of ourselves, how can our networks possibly survive?

I’m a true believer in maintaining a healthy lifestyle. Exercising, eating well and so on. There’s that equation that all of us are well aware of: burn more calories than you take in and you’ll lose weight. Then, once we get to our ideal size, we just need to maintain a good balance of calories and exercise and we’re golden. With a few exceptions, it’s a formula for health that applies across the board.

Simple enough.

I subscribe to a couple of different health-related newsletters and, putting the occasional new research aside, it seems the content of these publications is nothing more than simple rehashing of the exercise more, eat less way of life. The health experts claim that’s how most of us, by and large, will stay healthy.

Makes sense to me.

The thing is, I’m not as healthy as I could be and I know we have a serious obesity and diabetes problem in America and other parts of the world. Unhealthy people are everywhere. But, knowing what we know, why does our unhealthiness continue? Where’s the breakdown?

With everything else being equal (socioeconomic status, self-esteem, genetics and the like) we get busy. Life gets in the way. We’ve got jobs, kids, and all the other things of adulthood that we’re now responsible for – and often feel woefully unprepared for! Even the people with the greatest intentions of being healthy can’t seem to maintain a healthy lifestyle. Notice how the 2014 New Year’s Resolutions are fading away?

I was thinking about this issue in the context of IT and wondered, how can we possibly expect people (management, employees, IT staff – whoever) to give their best to information security when these same folks struggle to assess risks related to their own bodies? Our health is all we’ve got. If we can’t take that seriously, I’m not so sure we’re ever going to get true buy-in and support for something as seemingly unimportant as information security.

Like how automobile safety has evolved over the decades, maybe things will come around and we’ll start seeing truly “healthy” IT and information security initiatives. The human mind is complex. It’s a long road ahead but I remain hopeful.

In the end, you have to ask yourself: How healthy is my network looking? It may not be as healthy as it appears.

In the second part of this blog post, I’ll share with you the areas of your network that you need to keep tabs on to ensure you have all of the information you need to make informed security decisions.

About the author
Kevin Beaver, CISSP, is an information security consultant, expert witness, writer, and professional speaker with Atlanta-based Principle Logic, LLC. With over 25 years of experience in the industry, Kevin specializes in performing independent security assessments in order to help business executives understand their information risks that actually matter. He has authored/co-authored 11 books on information security including Hacking For Dummies and The Practical Guide to HIPAA Privacy and Security Compliance. In addition, he’s the creator of the Security On Wheels information security audio books and blog providing security learning for IT professionals on the go. Kevin can be reached at www.principlelogic.com and you can follow in on Twitter at @kevinbeaver and connect to him on LinkedIn at www.linkedin.com/in/kevinbeaver.