所有公司未来都将成为网络公司
当权威人士说“每家公司都是科技公司”时,听起来就像用流行词胡说八道一样。但后来,人们意识到确实如此。现在,从媒体到零售的各个行业如果想要获得成功,都必须把科技当作核心竞争力来看待。 在网络安全上,同样的情况恐怕又要成真了。过去只有银行和科技等少数行业才需要把安全作为工作立身之本。如今,其他所有人也要如此了。你还有怀疑吗?看看上周五导致全球许多医院和联邦快递(FedEx)等大公司瘫痪的勒索软件吧,如果他们之前升级了Windows系统,或许就能阻止这次袭击。 擅长网络安全可能不会让公司在市场竞争上获得优势,不过它可以阻止安全灾难的爆发,这同样重要。问题是怎么做到这一点。 反钓鱼服务公司Area 1的首席执行官奥伦•法尔科维茨等人坚称,科技才是维护网络安全的最好途径,他们认为去培训公司里的每一个人,让他们擅长网络安全,这是不现实的。与此同时,Cloudflare等公司则建议采用整个行业适用的办法,例如给物联网(Internet of Things)建立类VPN保护的倡议,这样可以降低联网设备的危险性。 这些办法都很好,不过我认为企业文化也必须在其中成为不可分割的一部分。想起过去,媒体从业者曾经心安理得地忽视新技术(“我为什么要写那个?我是作家!”),但如今媒体认为科技素养乃是记者这个职业的核心要求。 我能感觉到,在网络安全问题上,同样的事情会再一次发生。如此多网络灾难的发生,都是因为人们缺乏更新软件或检查邮件附件等基本意识而导致的。未来成功的企业里,可能所有的员工都要了解网络的基本常识。 当然,说来容易做来难。不过现在,企业和机构已经别无选择。(财富中文网) 译者:严匡正 |
When the pundits first said “Every company is a tech company,” it sounded like buzzword blather—until people realized it’s true. These days, companies in any industry—from media to retail—must make technology a core competency if they want to succeed. And now the same is becoming true of cyber security. Once, it was only a handful of industries such as banking or technology that needed to make security a fundamental part of what they do. Today, everyone else does too. Do you doubt it? Just look at the terrible ransomware attacks that crippled hospitals and major companies like FedEx across the world on Friday—attacks that probably could have been prevented if they had updated their Windows software. Being good at cyber security may not give a company a competitive edge in the market, but it will prevent security catastrophes, which is just as important. The question is how to achieve this. People like Oren Falkowitz, the CEO of anti-phishing service Area 1, insist that technology provides the best route to cyber safety, arguing it’s impractical to train everyone in an organization to be good at security. Meanwhile, companies like Cloudflare are proposing industry wide approaches—like an initiative to create VPN-style protection for the Internet of Things—to make connected devices less dangerous. These are fine approaches, but I can’t shake the impression that corporate culture must be part of the mix too. I recall how it was once okay for those of us in the media to ignore new technology ("why do I need that? I’m a writer!"), but now the industry treats tech literacy as a core part of a journalist’s job. I get the feeling the same thing will happen when it comes to cyber security. So many cyber disasters are based on exploiting people’s lack of knowledge about elementary ideas like software updates or email attachments. Successful companies of the future may be those in which everyone in the organization has a basic level of cyber literacy. Sure, that’s easier said than done. But at this point, companies and organizations have no choice. |