IEEE Communications Magazine
| Hi-index | 0.00 |
Traditional computer security has focused on protection against known threats, largely from outsider attacks. The number of cybersecurity incidents affecting businesses of all sizes demonstrates that our current cybersecurity posture is not entirely successful and that businesses are slowly moving from a risk avoidance stance to a risk mitigation strategy. The business world is changing and few businesses are able to easily protect their assets within a known business perimeter, particularly with inevitable budget constraints. Technology changes such as cloud computing, e-business, teleworking and bring-your-own device (BYOD) increase the potential for vulnerabilities from attacks to the business information technology infrastructure throughout the supply chain. In addition, business changes such as global suppliers, outsourcing and offshoring, and the need to cut costs in all aspects of manufacturing and operations are creating new vulnerabilities. To respond to these changes, businesses must consider cybersecurity strategies that are not focused primarily on firewall and encryption techniques, as threats are increasing from "trusted sources" including employees, customers, partners and suppliers. Supply chain security is an important consideration that is not covered in most cybersecurity educational programs. This paper addresses the need for a wider perspective on cybersecurity and the increasing need for educational programs that address this issue.