cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Champion

Whose responsibility is security?

 

 

This CNN article talks about one of their reporters being hacked --- at his request --- & shows how hackers can exploit service providers & use information you share to get to you.

 

Which brings me to the subject of the post --- whose responsibility is security?

 

As a service user, should my service provider take a hit, I'd be affected as well.

 

Be it information / identity theft, service unavailability, fraud, etc., if I'm going to be impacted, I would want to ensure my security.

 

 

 

P.S. There's really nothing new here, so this board may not be the place for my post; @KaityEagle, please move it as needed.

 

 

 

 

Shannon D'Cruz,
CISM, CISSP

www.linkedin.com/in/shannondcruz
2 Replies
Contributor I

Re: Whose responsibility is security?

It doesn't help if one doesn't know how the tech works.  Today, I stupidly clicked "allow" on a website that, like thousands of other sites before it, asked me to allow or block notifications.  I don't even know if that's a cookie that should be dismantled, or an ad-based third-party system which will follow me to the end of my earth.

 

Anyway, I clicked it.  I should soon reload my PC in paranoiac fashion.

We've legislated other societal situations in the past, which the average citizen might not properly understand.  RICO laws, fraud laws, hell... think about how nebulous, yet all-encompassing "conspiracy" as a crime is, but thank goodness for the "There Oughta Be A Law" people who want to prevent a crime.

 

Since technology will always outpace legislation, we should remain grateful for the idiot reporter that permits a charismatic person to uckfay his ife-lay for a story.  We can read first-hand about what social engineering is, and hopefully apply enough sense to not respond to the survey at the bottom of the story.

---
Eric Geater, CISSP
I've always said, "There's nothing an agnostic can't do if he really doesn't know whether he believes in anything or not."
Community Champion

Re: Whose responsibility is security?


@ericgeater wrote:

It doesn't help if one doesn't know how the tech works.


 

That's true, @ericgeater, but I'd say that while knowledge / awareness are essential, attitude is what really makes a difference.

 

 

Some of the common mindsets that can be real hurdles when it comes to IT Security are: -

 

  • 'Honestly, I don't care.'
  • 'That's not likely to happen to me.'
  • 'This is really a waste of time!'
  • 'This isn't worth the effort & money."
  • 'I'm too old for this!' *

 

* That came from my father when I was helping him with his Gmail account's security settings Man Wink

 

If someone with an attitude like that lacks sufficient knowledge / awareness, he's not likely to want to improve it; if he already possesses ample knowledge / awareness, he won't be keen on making the best of it.

 

 

 

 

Shannon D'Cruz,
CISM, CISSP

www.linkedin.com/in/shannondcruz