Thornton A. May: Can infosec cure stupid?

FREE

Become An Insider

Sign up now and get free access to hundreds of Insider articles, guides, reviews, interviews, blogs, and other premium content from the best tech brands on the Internet: CIO, CITEworld, CSO, Computerworld, InfoWorld, ITworld and Network World. Learn more.

Is the world digitizing faster than we can handle it? As a very frequent flier (I'm on a plane about 280 days a year), I find that on just about any flight (you name the continent), in just about every row, passengers of every generation are actively engaged with a vast variety of digital apparatuses to either increase stimuli (music, video, e-books), reduce stimuli (the blessed Bose noise-canceling earphones), buy or sell something, or get work done.

But despite the ubiquity of the devices, hardly any of these people understand how all this gear works, where all the data that makes this magic happen comes from, how to fix things when they break and the implications of our technology usage behaviors on information security and privacy. This is the bomb that's ticking away in every infosec manager's nightmare: user ignorance. The question facing not just chief information security officers but all of us is, "How do we fix stupid?"

My colleagues in academia and my handlers at Computerworld quite rightly counsel me not to throw around the word stupid in print or online. Sometimes, though, no other word suffices. What other term can be applied to the employees and contractors at the Pentagon's Missile Defense Agency (MDA) who were "chided for using government computers to surf porn"?

To continue reading, please begin the free registration process or sign in to your Insider account by entering your email address:
Join the discussion
Be the first to comment on this article. Our Commenting Policies