By Joan Goodchild
September 16, 2010
What is the most significant vulnerability that information security
faces today and in the future? According to Malcolm Harkins, CISO of
Intel, the biggest threat facing infosec is the misperception of risk.
Harkins spoke Thursday at the Forrester Security Forum 2010 in Boston
and asked infosec professionals who attended to first ponder what they
thought was the biggest risk they are facing within their own
organizations. Several people had answers: Insider threats and people
were suggested by some. Harkins agreed that it is indeed people, but not
perhaps for the reasons participants had in mind. Instead, he argued,
both exaggeration and underestimation of risk in the human mind are what
leave us most vulnerable to danger.
There are two things that drive misperception: economics and psychology,
said Harkins. When it comes to economics, choices are made by decision
makers as they are affected by incentive and resources.
"As a security professional, I've started thinking about the fact that
we are choice architects. We are trying to get people to think about
things and make decisions," he said.