The word “cyber” has become incandescent in the information security field.

Lots of people use it. Some over use it. And some hate it. Like… “remove the safety clasp from the Katana” hate it.

So here are my brief thoughts on this.

There are multiple dynamics at play here, and I want to try to capture a few of them.

Language is fluid. This especially true in technology. Words leap into existence from nowhere and become commonplace in a few years. The trend seems to go like this: interesting idea –> buzzword –> general acceptance –> core vocabulary. The problem is in the buzzword phase. This is where sales and marketing get silly with it. Everything is suddenly THAT THING, even the stuff that isn’t. That makes purists of all types hate the word. Language purist? Hate it. Tech purist? Hate it. But then, assuming the word has enough merit, it moves out of the buzzword phase and into the acceptance phase. That’s where sales and marketing stop mutilating it quite so much, and the term settles into its near-final definition.

Cloud is a spectacular example of this.

It basically just started being super popular around 3-5 years ago, and it was way overused and maligned in many unholy ways.

Now it’s like saying “network”. It’s just a technology word. And even those who hated it with overwhelming force back when it was being misused are accepting of this.

Well, with Cyber, we’re right in the middle of the buzzword phase.

It’s all cyber, all the time. Cyber-threats, cyber-meta, cyber-defenses, cyber-paintball, cyber-sandwich, cyber-cyber…cyber.

And once again, the purists (I’m a reformed one myself) are assembling the militia.

It’s dumb.

People over-use it.

That’s not what it means.

Anything that means everything means nothing.

It’s a shitty word that should die in a fire.

Yes, yes, yes, yes, and…no.

The term and concept is not dumb. How people are using it is dumb. But that should be expected, because we’re in the CYBER ALL THE THINGS phase.

It too will pass. And when it does we will be left with something useful.

The way I see it landing is with something like the concerns around the intersection between digital infrastructure and security threats.

So we’ve always been worried about kinetic threats. Since, well, forever. Someone could always attack you, your family, your house, your city, and your country.

But now those attacks can be so ephemeral that they wouldn’t even be recognized as attacks by someone 100 years ago.

That’s big, and I think that’s what cyber will end up meaning in the information security space:

Digital security as it relates to critical infrastructure, whether that’s your family, your business, your country, your economy, etc.

But until we move into acceptance and core vocabulary, we’ll have to make it through this buzzword phase. That means thousands more cyber-presentations, cyber-products, and cyber-airpistols.

It’s gross, but we’ll make it through.

Notes