Said, not enough

Here’s a trope worth repeating: Humans are / aren’t the weakest link in your InfoSec.

Are, because they are fickle, demotivated, unwilling, lazy, careless, (sometimes! but that suffices) inattentive, uninterested in InfoSec but interested in (apparently…) incompatible goals.

Are, because you make them a single point of failure, or the one link still vulnerable and through their own actual, acute, risk management and weighing, decide to evade the behavioral limitations set by you with your myopic non-business-objectives-aligned view on how the (totalitarian dehumanized, inhumane) organisation should function.

Aren’t, because the human mind (sometimes) picks up the slightest cues of deviations, is inquisitive and resourceful, flexible.

Aren’t, because there’s so many other equally or worse weak links to take care of first. Taking care of the human factor may be the icing, but the cake would be very good to perfect for making the icing worthwhile…!

Any other aspects ..? Feel free to add.

If you want to control ‘all’ of information security, humans should be taken out of the (your!) loop, and you should steer clear of theirs (for avoiding accusations of interference with business objectives achievement, or actually interfering without you noticing since your viewpoint is so narrow).

That being said, how ’bout we all join hands and reach for the rainbow ..? Or so, relatively speaking. And:
[Where all the people are; old Reims opera (?)]


About maverisk

Maverisk Consultancy, IS Audit and Advisory services: Wikinomics meets governance and audit; otherwise, see my personal LinkedIn profile
This entry was posted in ERM, GRC, Information Risk Management, Information Security, Innovation (technologicallly driven), Privacy, Sociological, psychological notes and tagged , , , , , , , , , , , , , , . Bookmark the permalink.

Your comments are welcomed!

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s