Ambassador Cofer Black gave a clear example of the attitude of governments and businesses: "Unless you can prove the risk we will not spend to prevent it." That perhaps means that those of us who have been in the business a while are not convincing enough with our risk assessments, or perhaps want to spend too much to prevent the damage.
When we look at risk in our personal lives we make judgements on how to deal with potential risks. We insure against some, we put in better locks, we may put up bars and sometimes we choose to accept the risk because the cost of mitigating it is higher than the damage cost. I, for instance, insure my house and car but choose not to insure against breakdown of my car. I prefer to ensure that proper maintenance minimises the risk of needing to call on such a service; so far it has proved to be the most economic option.
Now I am retired and confine my help to silver surfers. When it comes to cyber risks, I practice and teach common sense and the use of basic "locks": AV and firewalls, strong and different passwords in a four-level password strategy (see http://www.healthypasswords.com/ for some good examples) and, most important, read what it says on the screen.
Perhaps the way forward is to make sure that we are careful not to exaggerate the risks but clearly present the potential damage costs.

































