Cybersecurity has certain aspects to it. including endpoint device security, transmissions, host/servers, IAM(Indentity Assessment Management), Denial of Service(DoS), Risk Assessment, Recoveries plan. You can compromise the data to your benifits as soon as you can get into the network. endpoints devices are big problems, especially with IoT coming online quickly. It depends on the sophistications of each device manufacturer. transmission is relatively okay, with encriptions working fine. Think about your browser for example, it handles your transmission security on your behalf and it is done well. host/servers are protected well via firewalls etc. IAM are weak, that is why some have gone to two-steps authentication, taking a lot more efforts to identify authenticity. There got to be newer and convenient protocols like biometrics etc. Risk Management is a big deal. One can never be completely safe, so it is a matter of how much risk can you afford. Usually you want to avoid risk, if not then pass it on to others(like vendors), hide risk, reduce risk, then with what are still left, manage it, figuring out what to do when it happens, how to recover, how to control damage, etc.

Look at what happened lately regarding Solarwinds, or the Colonial Pipelines. Cybersecurity is like physical security, you or companies don't want to spend time nor moeny on incidents that you don't think will happen to you, or it would not be a big deal. Businesses worry about spending money now, to protect against what may never happen to them, they think. Kind of like your doctor tells you to exercise more or you may risk a heart attack, we just says no not me. until it actually happens. Hackers do not need all of us to be careless in order to benefit, just enough of us. But it is changing fast. in the us, we are short about 400,000 professionals in the cybersecurity field, 85% in business, rest in govt. And the most sought after skill set is not coding/technical. It is problem sovling skills. Such as Root-cause analysis(if you want to know some go to mindtools.com and search root-cause analysis). Actually not too many professionals in cybersecurity do coding.

Cyber/Information Security issues? both personally and business wise? 

So what do you think, personally or professionally? How should we deal with privacy issues? or should we just give up? In Europe, they have an opt-out default, we in USA have an opt-in default. big difference. If govt does try to protect, what would happen to companies like Facebook, Google, whose main value is to be able to use our info? In addition, with the Internet of Things, our data are being captured in almost everything we do each day. Again in EU, they have the Right to be Forgotten regualtions that we don't. Your thoughts?

EU has figured this out and established regulation to govern citizens privacy etc, effective in May 2018. It is called GDPR. One day it will be here in US, hopefully. but only if we the people demand it.