This week at work has been CyberSecurity Week, or at least it has been for me. It has been a serious deep dive into a world I knew nothing about.
A few thoughts on it. Firstly, it’s wildly complex. Part of that is due to the nature of the beast, but the language makes things harder. SCIM, RBAC, OAuth, SSO, Zero Trust, Permissionless, Multi-tenant, and more of the terms I have tried to get my head around, and honestly, sometimes I can’t make head or tails of it.
This is a crowded space. It’s genuinely packed with vendors, all offering different services at different price points, all of whom claim to be the best. What this means is spending a lot of time on calls, barely understanding what is going on, and trying to figure out a way forward. Honestly, it’s a good challenge, and we made some great progress.
The final thing to add is that researching this area tilts one towards paranoia. Yes, there are bots out there, and hackers, and malicious foreign actors. But a small company, with only a few users, is not a big fish, and the odds of being captured by some Iranian hacker network is slim. Nevertheless, I get the impression that having this problem solved BEFORE the bots and hackers swarm is always a good idea.
Leave a Reply