Slashdot Mirror

← Back to Stories (view on slashdot.org)

Humans Not Evolved for IT Security

Posted by ScuttleMonkey on from the wait-it-guys-have-emotions? dept.

Stony Stevenson writes to tell us that at the recent RSA Conference security expert Bruce Schneier told delegates that human beings are not evolved for security in the modern world, especially when it comes to IT. "He told delegates at the 2007 RSA Conference that there is a gap between the reality of security and the emotional feel of security due to the way our brains have evolved. This leads to people making bad choices. 'As a species we got really good at estimating risk in an East African village 100,000 years ago. But in 2007 London? Modern times are harder.'"

1 of 302 comments (clear)

  1. Re:do you want to check my shoes? by Kjella · · Score: 5, Informative

    And don't forget CYA security - security rules that aren't being followed and aren't being enforced either - but that exist solely so that when shit hits the fan, the bosses can say it was against policy. These are usually extremely draconian, impossible to implement or practicly impossible to follow while getting work done. But hey, it looks good on paper...

    --
    Live today, because you never know what tomorrow brings