We need to reset the relationship users have with security. We can transform it into a positive force for not only the risk management of the company, but the personal safety of those we work with
Bingo.
I think there are a lot of security practitioners reading this that likely undervalue their knowledge and underestimate how much it can improve lives of the folks they work with. It's too much work to do manually, but if this knowledge can be codified and dispensed dynamically when it's most needed, it will have a major positive impact on individuals, and ultimately, improve security at their company.
I think the current nature of the cybersecurity market - and I say "market" in both the normal buying and selling nature, and the more purist sense an economist might - is so fraught with smoke, mirrors, and snake-oil that the average person can't make out the good advice from the bad without help. That help is often simply absent.
I wrote about this years ago from the perspective of national cybersecurity communities - Asymmetric Information in Cyber Communities - but it's equally true in the smaller scales of corporate and home security. It's something that's being picked up by the mainstream, slowly - a "market collapse" in cybersecurity is a very bad thing indeed, and people are understandably nervous that it might be occuring.
The fact is, your corporate security practitioner should be your most trusted source of what best practice really is. And sadly, all too often, corporate security ends up being a tiresome stick we are beaten by instead. That has to change - it must change - and it has the potential to effect a step change in the quality of our security.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
Bingo.
I think there are a lot of security practitioners reading this that likely undervalue their knowledge and underestimate how much it can improve lives of the folks they work with. It's too much work to do manually, but if this knowledge can be codified and dispensed dynamically when it's most needed, it will have a major positive impact on individuals, and ultimately, improve security at their company.
I think the current nature of the cybersecurity market - and I say "market" in both the normal buying and selling nature, and the more purist sense an economist might - is so fraught with smoke, mirrors, and snake-oil that the average person can't make out the good advice from the bad without help. That help is often simply absent.
I wrote about this years ago from the perspective of national cybersecurity communities - Asymmetric Information in Cyber Communities - but it's equally true in the smaller scales of corporate and home security. It's something that's being picked up by the mainstream, slowly - a "market collapse" in cybersecurity is a very bad thing indeed, and people are understandably nervous that it might be occuring.
The fact is, your corporate security practitioner should be your most trusted source of what best practice really is. And sadly, all too often, corporate security ends up being a tiresome stick we are beaten by instead. That has to change - it must change - and it has the potential to effect a step change in the quality of our security.