infosecisland.com
Rafal Los
The Human/Password Problem
Have you ever wondered why enterprise security people are so downtrodden? Have you ever been baffled by the seemingly impossible arrogance of penetration testers when they laugh at corporate security postures?
Headlines like this one at PC Magazine make all that real:
‘Password1’ is the No. 1 Password Employed by Business Users
Now I ask you – those of you who attended the RSA Conference 2012 – what awesome, cool, and shiny new technology did you get wowed with that helps your enterprise against that headline?
While there were certainly lots of fantastic solutions to some of IT’s most complex problems, the simple ones continue to elude us. How do we solve the human problem?
The bottom line is this – people have always been, and will continue to be, your Achilles heel in the enterprise. What I find interesting is that in information security, for the last two decades, we’ve been solving for and attempting to cure many of the symptoms of the people problem without actually addressing the actual problem head-on.