![]() ![]() Security experts, like the ones who attend conferences such as CCS, often refuse to prioritize, recommending maximum security without tailoring to specific situations. This sad state of affairs is, in many ways, our fault. Our review of security advice on the web found 374 unique advice imperatives, many of which directly contradict one another. ![]() Even compliance standards - which are designed to provide authoritative security guidance - have numerous problems. End users often get their advice from TV shows, movies, and even misleading influencer ads, while soft ware developers take unvetted suggestions from Stack Overflow. Sadly, the current state of the security advice and information ecosystem is in many respects a disaster. This applies not only to end users, but also to software developers, product managers, and even security operations professionals. Instead, in order to achieve good security and privacy outcomes, people need to absorb and apply high-quality security and privacy information and advice. In the real world, we are nowhere close to that ideal. In an ideal world, automated tools and systems could manage security and privacy seamlessly and transparently with minimal human input. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |