Thank you and My #infosec Hopes For 2019
@jerry I'd be pretty interested to know the directions and thoughts you have around behavioral economics/psychology & InfoSec.
I spend a lot of time thinking about the way folks act and think. Haven't had a lot of opportunity to put it into InfoSec (beyond working to sympathize and work with those who don't understand the insecurity of their work). Would definitely love to hear the discussion
@jerry I'm interested in both. In the end, IT, Sec folks, and Management are all just different kinds of users. Trying their best and being manipulated and controlled by their subconscious influences as much as anyone else.
It's just their actions have a greater impact than most individuals, haha
@entreprelife exactly. The fact that we have so many breaches tells us a lot about people who design and run security programs. They are often unaware of risks because they are ignorant of various ways things can go wrong, or dramatically underestimate the likelihood or the impact of a compromise. All that seems obvious, but I am fascinated with why this is and how we improve the situation.
A Mastodon instance for info/cyber security-minded people.