If you are security paranoid, your security is either poor, endangered, imperiled OR safe and protected. It depends how you define the term paranoia.

The traditional definition of paranoia is “unjustified suspicion and mistrust of other people” but when we are discussing security the term takes a completely different meaning.

Words do not define the meaning and if you want to stay ahead of the security game you need to create meaning around your protection levels.

This meaning does not come from employing traditional terms but instead it comes for a deep understanding of the context related to the term employed.

Unfortunately, as human beings we make assumptions and projections at a subconscious level. Assumptions we never questioned and examined carefully in regard to their validity when we extended the term to be used in a different context. Most of the time though the terms we use lightly are very powerful in reference to our security levels and should be examined extensively.

• Mindset 1 – Going the wrong direction: Someone who has no specific path in security and is desperately doing anything that comes across his/her mind
• Mindset 2 – Risking everything: Someone who is risking his/her assets destruction because even though the world around has made security a priority, that person does nothing at all to protect their business and personal belongings
• Mindset 3 – Solid security foundation: Someone how has a series of habits, methodologies and measures around security which in many cases seem over the top for the masses.

Let’s analyze mindset number 1: When you are doing everything randomly and you have no path to follow for your security then, you have no way to measure its effectiveness if any and you are just consistently contributing to a chaotic situation which gets you frustrated, confused and last but not least leaves you unprotected. Most of the time this mindset leads you to mindset number 2.

That is why a security strategy is an essential and valuable tool because it is all about how to get to your destination which is protection of your assets. You see, In the rush of reacting to our always evolving threat environment we usually buy into the noise of being directed based on trends and fancy tactics. However there is a big difference between strategy and tactics you have to be aware of. Tactics are tools and resources and are great but strategy is defining your way, it is setting your path toward the result you want to achieve. So, if you don’t have a strategy around your security and you are randomly and without a vision of your outcome employing security tactics based on trends you fall into mindset number 1 of security paranoia.

Let’s analyze mindset number 2: I always say that your security levels always depend on your beliefs about security. So, if you hate security because you find it complicated then it is normal to avoid it which results in you being endangered by threats. However, I do not blame people who fall into this mindset. In the past security was an additional feature to designs and it was forceful, complicated and most important of all intrusive to people’s lives and work. When you are forced to do something that is in between you and the task you want to complete then it is absolutely normal to feel frustrated and wanting to avoid it. With time the old security philosophy managed to pass the message to people that security is something you want to avoid and people just switch off when they hear the term.

I understand that but, at the same time you are open to danger so we have to reverse your negative mindset around security with simple steps which show you that security is easy, simple and fun.

Now I have to be honest with you here:

If you define paranoia based on the first two mindsets then you are in trouble.  That is because your security is described as poor, endangered and imperiled.

I am defining paranoia based on the third factor thus, when people ask me:

What it feels like being so paranoid about my security?

I reply:

Well, if you really want to know, it feels safe! It feels save because I do exactly the opposite of the first two mindsets about security.

• I am not avoiding seeing the danger around me both trends and traditional ones,
• I am committed to creating easy ways to secure things in order to alter peoples’ negative mindset around security,
• I am following a plan which is defined by what I want to achieve,
• I do not get upset by knowing that systems will fail because I have thinking methods in place that can surpass that and
• I am not upset about the things I do not currently have. I can always use my brain to make the things I have available now to able to protect my valuable assets and I know I can improve and expand my security with time.

Extending a saying by Dr. Dolf de Roos, “The most valuable asset you have for your security is the six inches between your right and left ear. It’s what you create in that area that determines your security. We are only really limited by our mind.”

You see, cyber-security is a game, a very catastrophic one if you do not remain in control and ahead of the cyber criminals. Cyber criminals  have the power to cause a disaster but, only if you are willing to let them do so.

The reality is that security paranoia is a matter of prospective. Sometimes we do not even take the time to think about important terms and how we interpret them but, those terms affect our personal and professional entities. One of those terms is Security Paranoia.

Now it’s your turn. In which mindset do you fall for security paranoia and

Security Paranoid = endangered and imperiled

OR

Security Paranoid = Protected