Security Doesn’t Work if it “Doesn’t Work for People”

Speaking at Infosecurity Europe 2017 professor Angela Sasse, director, UK Research Institute in Science of Cyber Security, UCL, said that good security is not just about having ‘better’ policies as a lot of security policies are very counterproductive if they “do not work for people.” As a result, professor Sasse claimed it’s now time for a shift in thinking if we are to improve user behavior, with particular focus on moving away from the notion that the human is the ‘weakest link’ in security who should take the blame for security issues. “There is this need to reshape the relationship between the IT security team in an organization and the people who use IT security,” she added.

Read full news article on Infosecurity