Dr Patrick Scolyer-Gray
04 Feb. 2021


The Egg Story: the delicate connection between you & your security technology

The delicate connection between you and your security technology

The inside
Your organisation’s sensitive information is like the inside of an egg.

All the personnel, endpoints, IP, stored data and anything else of value is the egg white, with the yolk the most valuable information, such as passwords. Any information that could be attractive to cyber threat actors is like this gooey interior: dynamic, soft, and dependent on protective casing for safety and structural integrity.

The shell
On the outside is the ‘hard shell’ of your cybersecurity infrastructure. This includes your firewalls, honeypots, network and application security, and more. Combined, these technologies form a protective barrier around your organisation’s vulnerable and valuable contents.

How is your ‘egg’ under threat?

To ensure their security against cyber attacks, most organisations today add layers of protection, constantly updating and investing in different methods to improve the protective properties of their ‘eggshell’.

Cyber security experts know, however, that no shell is perfect. This protective shell can be cracked, peeled away or otherwise bypassed, ultimately leaving your organisational ‘insides’ exposed.

No infrastructure will be effective unless these security technologies are understood and adopted by the people it is meant to protect. So people – your people – are crucial to your organisation’s cyber security approach.

Cyber-sociology and your people

Cyber-Sociology works with the weaknesses and strengths of your people to achieve a stronger security posture in your business.

Cyber-sociology seeks to change the properties of the egg’s contents so that your business is less vulnerable and less dependent on the eggshell for security.

Since we know that the eggshell will inevitably be breached, your people must be able to repel any attacks individually. If we demystify and increase cyber literacy and instil an intrinsic motivation to cultivate a security culture, then the threats presented by cyber threat actors are diminished. Any social engineering and vulnerabilities created by human errors are dramatically reduced.

No cyber security strategy is perfect – but it can be vastly improved

It is important to recognise that once it has been hard-boiled, the egg still needs its shell.

A balance must be struck between strengthening both your human and technological capabilities. We must remember that our eggshell is still a critical deterrent to and shield from cyber attackers. The better maintained our firewalls and network security, the harder we are to ‘crack’.

And even if these outer defences are breached, we can still learn from our mistakes, educate our people and more efficiently and knowledgeably use our cyber security technology.

Cyber-sociology is a paradigm shift away from the conventional approach of layered technologies. It requires a shift in thinking and strategy. With a more human-centred approach, cyber-sociology offers new ways to efficiently use the infrastructure you already have in place and achieve a superior security posture at the same time.

To find out more about Human-Centric Cyber Security you can reach out to Patrick Scolyer-Gray

More insights from Dr Patrick Scolyer-Gray

Strengthening organisational capacity to withstand AI-Powered Cyber Threats

Strengthening organisational capacity to withstand AI-Powered Cyber Threats

Setting aside the hype and hysteria, watch our panellists as they interrogate AI’s implications for cyber threats and cybersecurity, focusing on providing practical strategies and tactics suitable for building cyber resilience.

Dr Patrick Scolyer-Gray | Aug 15th, 2023
Mastering Risk Management Episode #63 - Dr Patrick Scolyer-Gray

Mastering Risk Management Episode #63

When human error accounts for up to 95% of data breaches, technology clearly isn’t the problem. We are. In this […]

Dr Patrick Scolyer-Gray | May 31st, 2023

Deep Dive on Cybersecurity

Human-Centric Cybersecurity Champion, Dr Patrick Scolyer-Gray, shares his knowledge and experience on all aspects of cybersecurity.

Dr Patrick Scolyer-Gray | Feb 11th, 2022

The Ransomware crisis: It’s Time to Retake Control

The discussion so far has dovetailed into an argument for how techno-centric and HCCS can (and do) work together to resist and repel cybercrime, and although it is great to have a strategy for what we need to do, we need to remain cognisant of the sobering reality of our predicament: The ransomware crisis is far beyond the scope and capabilities of any single company or organisation.

Dr Patrick Scolyer-Gray | Sep 29th, 2021

Techno-Centric Cybersecurity and HCCS: Can’t we all just be friends?

In my last article, I made the argument that Human Centric Cybersecurity (HCCS) and conventional technical elements of cybersecurity need to work together as a unified front when combating ransomware. So, how does that work in practice when applied to combating ransomware?

Dr Patrick Scolyer-Gray | Sep 17th, 2021

Ransomware: what technologists don’t want to hear

Having recently covered the basics on ransomware and why it’s a clear and present danger, it’s time to look at the limitations of what has been the traditional approach used to try and resolve these issues.

Dr Patrick Scolyer-Gray | Sep 3rd, 2021

Australia’s Ransomware Crisis

Cybercrime has long been the stuff of the Internet’s collective cultural imagination; a well-worn stereotype of the hooded figure hunched over a keyboard. It might sound dramatic but make no mistake; ransomware attacks have grown in scale and frequency to a point where they now threaten the safety and wellbeing of all Australians.

Dr Patrick Scolyer-Gray | Aug 20th, 2021