http://www.csoonline.com/article/615413/intel-ciso-the-biggest-threat-to-security-is-a-misperception-of-risk By Joan Goodchild Senior Editor CSO September 16, 2010 What is the most significant vulnerability that information security faces today and in the future? According to Malcolm Harkins, CISO of Intel, the biggest threat facing infosec is the misperception of risk. Harkins spoke Thursday at the Forrester Security Forum 2010 in Boston and asked infosec professionals who attended to first ponder what they thought was the biggest risk they are facing within their own organizations. Several people had answers: Insider threats and people were suggested by some. Harkin agreed that it is indeed people, but not perhaps for the reasons participants had in mind. Instead, he argued, both exaggeration and underestimation of risk in the human mind is what leaves us most vulnerable to danger. There are two things that drive misperception: economics and psychology, said Harkin. When it comes to economics, choices are made by decision makers as they are affected by incentive and resources. "As a security professional, I've started thinking about the fact that we are choice architects. We are trying to get people to think about things and make decisions," he said. [...] _______________________________________________________ Subscribe to InfoSec News - www.infosecnews.org http://www.infosecnews.org/mailman/listinfo/isnReceived on Thu Sep 16 2010 - 23:37:50 PDT
This archive was generated by hypermail 2.2.0 : Thu Sep 16 2010 - 23:46:55 PDT