Partially. Too much of the software and defenses require the user to act in a specific way to complete the defenses. And humans are not rational beings. This gives attackers ways to circumvent the security measures. This in addition to cybersecurity too often being an afterthought.
Yes, which is why I said ‘and also get employees to follow basic cybersecurity practices.’
If the problem is either company culture or human nature is in the way of implementing cybersecurity properly, and I can assure you that this is true, having managed cybersecurity policies at a large non profit for over a year…
…then the field of cybersecurity should actually be figuring out how to successfully mitigate or solve this issue, they should be focusing on far more than just esoteric techno buzzwords in their marketing, and you know, actually be capable of delivering ‘security’, the thing they claim to sell.
If that means pivoting to things like the imoportance of training employees, developing a security conscious company culture, holding seminars to convince execs and middle management to not have cybersecurity as an afterthought as well as what it actually takes to actually be secure… then the field of cybersecurity should do that.
Sorry if i came off as too hostile, a bit off the anger may have carried over from explaining to graphics card marketing buzzword enthusiast ninjan, as politely as i could, that he has no idea what its actually like to work for a world class tech firm as a software engineer, over in another thread.
Partially. Too much of the software and defenses require the user to act in a specific way to complete the defenses. And humans are not rational beings. This gives attackers ways to circumvent the security measures. This in addition to cybersecurity too often being an afterthought.
Yes, which is why I said ‘and also get employees to follow basic cybersecurity practices.’
If the problem is either company culture or human nature is in the way of implementing cybersecurity properly, and I can assure you that this is true, having managed cybersecurity policies at a large non profit for over a year…
…then the field of cybersecurity should actually be figuring out how to successfully mitigate or solve this issue, they should be focusing on far more than just esoteric techno buzzwords in their marketing, and you know, actually be capable of delivering ‘security’, the thing they claim to sell.
If that means pivoting to things like the imoportance of training employees, developing a security conscious company culture, holding seminars to convince execs and middle management to not have cybersecurity as an afterthought as well as what it actually takes to actually be secure… then the field of cybersecurity should do that.
Ab-so-lutely! I was n’t aware I challenged your notion. I thought I was merely expanding on it. But we agree.
Sorry if i came off as too hostile, a bit off the anger may have carried over from explaining to graphics card marketing buzzword enthusiast ninjan, as politely as i could, that he has no idea what its actually like to work for a world class tech firm as a software engineer, over in another thread.