AOH :: ISNQ6964.HTM

Intel CISO: The biggest threat to security is a misperception of risk




Intel CISO: The biggest threat to security is a misperception of risk
Intel CISO: The biggest threat to security is a misperception of risk



http://www.csoonline.com/article/615413/intel-ciso-the-biggest-threat-to-security-is-a-misperception-of-risk 

By Joan Goodchild
Senior Editor
CSO
September 16, 2010 

What is the most significant vulnerability that information security 
faces today and in the future? According to Malcolm Harkins, CISO of 
Intel, the biggest threat facing infosec is the misperception of risk.

Harkins spoke Thursday at the Forrester Security Forum 2010 in Boston 
and asked infosec professionals who attended to first ponder what they 
thought was the biggest risk they are facing within their own 
organizations. Several people had answers: Insider threats and people 
were suggested by some. Harkin agreed that it is indeed people, but not 
perhaps for the reasons participants had in mind. Instead, he argued, 
both exaggeration and underestimation of risk in the human mind is what 
leaves us most vulnerable to danger.

There are two things that drive misperception: economics and psychology, 
said Harkin. When it comes to economics, choices are made by decision 
makers as they are affected by incentive and resources.

"As a security professional, I've started thinking about the fact that 
we are choice architects. We are trying to get people to think about 
things and make decisions," he said. 

[...]


_______________________________________________________      
Subscribe to InfoSec News - www.infosecnews.org 
http://www.infosecnews.org/mailman/listinfo/isn 

Site design & layout copyright © 1986-2014 CodeGods