The Importance of Strategy
For more than two decades, cybersecurity has largely been approached as a technical problem that can be solved by deploying the right tools, frameworks, procedures, or security platforms...
The dominant idea has been fairly simple: deploy the right controls, monitor systems closely enough, and security problems should remain manageable.
Over the years this logic produced an entire industry of defensive technologies providing firewalls, intrusion detection, host protection, vulnerability scanning, PAM, UEBA, DLP, SIEM platforms, XDR, and countless other tools.
There is also a plethora of control frameworks offering more or less effective means to manage those tools through prescriptive, descriptive, detective and reactive measures. Many frameworks also ask their target audience to consider governance and processes, but due to the low maturity of the cybersecurity domain itself, those capabilities are never really enforced.
But then, each wave of attacks was usually answered with another category of defensive technology and another layer in the security stack. This way of thinking has shaped how most organizations approach cybersecurity today.
Yet there has always been a problem with this model... Security failures rarely occur because a few security controls are missing. They tend to appear where systems interact in unexpected ways, where assumptions about trust break down, or where operational complexity produces blind spots that nobody fully understands anymore.
In other words, the problem was never purely technical! Still, instead of addressing the structural aspects of the problem, the industry largely continued along the same trajectory. More policies. More tooling. More telemetry. More monitoring. More alerts. Security operations centers, filled with dashboards, trying to find attacks without even understanding the environment they're actually monitoring.
At some point this approach begins to work against itself. Modern computing environments are no longer simple infrastructures that can be neatly segmented and defended at clearly defined boundaries... They are ecosystems composed of cloud platforms, distributed services, connected products, industrial systems, supply chains: a constantly evolving chain of horizontal, vertical, and cross dependencies.
These systems behave less like static infrastructures and more like dynamic environments in which technology, processes, and organizations continuously interact. Trying to secure such environments purely through technical controls isn't effective. Not because the tools are ineffective, but because the problem itself is different...
Once systems reach a certain level of complexity, security stops being just a technical discipline. It becomes a question of how complex environments behave, how adversaries adapt, how trust is established, and how organizations maintain resilience when parts of their systems inevitably fail or become compromised. Other fields dealing with adversarial and uncertain environments have long approached these questions differently. Military doctrine and intelligence practice, for example, have historically focused less on individual technologies and more on how to operate effectively within complex and unpredictable systems. Cybersecurity is facing the very same dynamics!
Digital infrastructures now underpin economic activity, industrial production, and critical services. At the same time they are becoming more complex, more interconnected, and more difficult to reason about. Artificial intelligence, distributed systems, and cyber-physical environments further accelerate this trend. In such conditions, the traditional model of cybersecurity begins to show its limits...
What is required instead is a broader way of thinking about security. One that focuses less on individual systems and more on the behavior of entire environments. One that considers adversaries, uncertainty, and systemic risk as central elements of the problem. In other words, cybersecurity needs to rediscover something that other domains have known for centuries.
The importance of strategy!
This blog explores that shift. Not by focusing on individual vulnerabilities or specific tools, but by looking at cybersecurity from a wider perspective. How complex technological environments behave. How security operations may evolve in response to increasing automation and artificial intelligence. And how organizations might rethink trust, resilience, and the protection of the processes that ultimately create value. Because if the underlying problem has changed, the way we think about security probably needs to change as well...
Welcome to Meta Taktika!