Monday, September 15, 2008

Patching users

In a rare flash of insight, I realized that I spend most of my days talking to people in my organization about what security is, and how to do things in a way that a) they can get their work done, b) they can get their work done, and c) how to get there work done in a way that slightly lowers the organization's exposure to information risks.

I do not spend a lot of time on technology at all. This is in line with observations that the real threat to information security is caused by a vulnerability commonly known as a user.

Life would be so much easier if patching users was as simple as patching servers!



No comments:

Post a Comment

Please share your view and opinions on what I wrote. In order to maintain quality, all comments will be moderated for merit. Contributions that call me out on statements that appear unfounded, wrong, or simply with which you disagree are highly appreciated and are even encouraged. Spam and 'me too' answers will be ignored.