The phrase conjures up images of Colin Firth, striding purposefully through a crowd of swooning bonnets, his muscular thighs throbbing through his data breaches. Phwooar...
And yet, and yet. For some reason, it's still terribly hard to get people interested in security.
Everyone, from Sony to Citigroup, has been compromised recently. Sources say 9 in 10 companies will have been penetrated and had their assets sniffed by some intruding agent. It shouldn't be allowed!
But what can the IT security expert do?
How do you make users aware of the types of breach?
How do you quantify the types of damage (loss of customers, loss of reputation, litigation over the breach, the inability to gain new customers, loss of shareholder value - I'm sure you can think of more) to exemplify to the user the seriousness of a breach?
What are the precautions that should be taken? And who needs to be reminded that each precaution is their responsibility? How does a CIO/security chief get the message home, without boring the pants off the users?
How do you make sure you can authenticate, without suffocating?
How does the risk vary as you go upscale, from mum and pop's shop to the multinational?
How, then, can stronger forms of authentication help make organizations more secure, in sectors from banking to national identity?
What innovative solutions are companies deploying to combat cyber attacks?
And how can they keep up with the pace of change as hackers develop ever more sophisticated methods?
Come on security experts. How do we get the users engaged? If we don't, none of your security measures will work. No matter how clever they are!
Answers in a reply box (see below) please!
Photo courtesy: ThinkStock
This was first published in July 2011