 Defence from an attacker’s view: Rethinking traditional approaches to cyber securityJonathan Freedman
Cyber Security: A Peer-Reviewed Journal, 2025, vol. 8, issue 4, 348-360 Abstract: In many organisations, cyber security is considered to be an information technology (IT) problem. However, the traditional relationship between IT operations and cyber security teams, where one is focused entirely on carrying out business-as-usual activities and maintenance while the other attempts to prevent cyberattacks, is outdated and leads to an increased cyber risk for organisations. These long-held views and failure to fully integrate current cyber security methodology and principles into IT-related business processes not only increases the likelihood of a successful cyberattack but exacerbates the resulting damage. It is not possible for organisations to prevent every attempted cyberattack; instead, organisations should expect and plan for breaches. This paper explains how implementing an assumed breach paradigm and combining the knowledge of IT operations and cyber security teams to form a combined CyberOps function can help close gaps in defence and incident response preparedness. Keywords: cyber security; IT operations; cyberattacks; cyber risk; cyber security methodology; breach plan; breach paradigm; CyberOps; incident response preparedness (search for similar items in EconPapers) Downloads: (external link) Related works: Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text Persistent link: https://EconPapers.repec.org/RePEc:aza:csj000:y:2025:v:8:i:4:p:348-360 Access Statistics for this article More articles in Cyber Security: A Peer-Reviewed Journal from Henry Stewart Publications |
Is your work missing from RePEc? Here is how to contribute.
Questions or problems? Check the EconPapers FAQ or send mail to .
EconPapers is hosted by the
School of Business at Örebro University.