"Humans are the weakest link."
"Security is everyone's responsibility."
These ideas are taken as self-evident truths in cybersecurity, to the point of being platitudes. But how true are they? And is relying on these ideas as truths making us any safer?
The way we work, and the information systems that connect and enable that work have undergone transformational and revolutionary changes. Those facts should be enough to merit a re-examination of old ideas. Now add to those changes a resurgence in social engineering, one of cybersecurity’s oldest threat vectors, and engaging with these ideas around human end users and responsibilities at a deeper level -- indeed interrogating them -- is now essential.
My guest is Masha Sedova, President and co-Founder of Elevate Security. I wanted to talk to her about how she confronts these ideas and how she thinks about measuring and mitigating human risk.
Mentioned in this episode: