Security specialists develop policies and security mechanisms to stop them, but find in practice that people make mistakes or don't comply with the instructions about what (not) to do. They blame people for not understanding the risks and see the security-education of staff and the general public as the answer. But research over the past decade has shown many best-practice security policies and mechanisms are unworkable and ineffective.
This lecture identified the gaps in understanding and skills between business owners, software developers and security specialists that led to those solutions - ‘silo thinking’, diffusion of responsibility, failure to measure effectiveness - and identifies the knowledge and skills they need to avoid repeating their mistakes. What knowledge and skills do consumers and citizens need to stay safe online?
Highlights
