Why do we continue to live with the situation that we have?
Why are we willing to live with risks?
It has been shown from the ever capable Bruce Schneier youtube and his blog posts
Humanity is risk averse when it comes to gains and risk seeking when it comes to losses.
Here is a noted sentence:
“Security is a tradeoff,” Schneier said, speaking to a packed audience at his RSA session. “What are you getting for what you’re giving up? Whether you make that tradeoff consciously or not, there is one.”
For example almost no one wears a bullet proof vest (if only police wear them, and then only in certain situations – this is a case in point).
This is the first part of his Psychology of Security essay
It is good to know one’s own inclinations of security.
Bruce did not go into detail as to what that actually meant as far as securing ones own network meant.
I think it means most business owners(70%) would take the risk (risk seeking in losses) due to the natural inclination of not vividly seeing themselves in a worst case scenario. The chances are nothing will happen thinks the business owner, so it won’t.
Maybe we as a security community have not created the true picture of network security for the business owner to understand in a manner that is needed.
It is a worthwhile endeavor to spend $X dollars to reduce the risk of a security failure.
The problem is when all of our devices are connected to the Internet we are more insecure. As the Internet grows (as per Cisco “The Internet of Things“)
Actually what I would be focusing on is the people who will be connected to the Internet. How many of those people will be criminals?
We do not go to the “bad” part of town on a regular basis. But if we re connected to the Internet we are going to the bad part of town every day and every second.
So this lack of security consciousness will catch up with us … very soon.
Tony Zafiropoulos August 22, 2014
www.fixvirus.com owner since 1999