Picture credit: fallsroad
We need a holistic approach to information security that properly encompasses the social/ cultural aspects, rather than the prevailing exclusive emphasis on security technology.
Of course, the cynical part of me realises that “security technology” is such a big business and that might not be helped by promoting the necessary improvements to social and cultural behaviours.
Nevertheless, a truly joined-up approach is desperately needed by many organisations, especially those lulled into a false sense of security by ticking the technology boxes but not ticking the people and process boxes. (see downloads)
Pingback: Stuart King's Security and Risk Management Blog