top | item 39217461

(no title)

mmvasq | 2 years ago

No one disagrees. Consider project management; for example, which has had many failed projects, has evolved, is still incredibly imperfect. Health care services, have had many flaws, continue to evolve, are still incredibly imperfect. Marketing, has had many flaws, has advanced, is imperfect. Pick one or two problems and advance them. Try not to kill people in the process which is all too common in tech.

discuss

justin_oaks|2 years ago

Ultimately, the problem is self-interested people, misaligned incentives, and insufficient legal recourse for victims.

What's the motivation to do anything right in security if most of the time you don't have a breach and you can get away cutting corners? When something does go wrong, you can blame it on underlings, claim it was a "sophisicated attack from nation-state actors", and rely on the public to not care?

I don't know that security is comparable to project management, health care services, or marketing. Inefficiencies in those have visible costs and reasonably good incentives for improving them.

mmvasq|2 years ago

That’s when you step away. Come back later and take that last statement and spin it to a question instead. Can security have viable costs and incentives- what is a new way to improve it? Can’t see opportunity any more then take a break. I hate the nation state lies they muddy the real issues. That is not saying there are not threats, yet the hype and lazy attribution isn’t improving anything.