The Human Factor

Saturday, December 24, 2011

Jim Palazzolo


I asked a colleague of mine how he was doing today just to create some small talk, and told the cashier at the gas station to have a happy holiday. 

I opened my email to see if anyone was attempting to reach out to me for something.  I text my brother in another city to say "hi", and called my mom to discuss this year's Christmas plans. 

After all my social tasks were completed I began my study for the up-and-coming final exams on campus.  While studying I realized how sterilized my field of study has become, but was struck by the implication of the scope. 

In reflection I realized that all of us spend a large amount of time in virtual space, and in Information Security we discuss things on a strategic level that leaves us far removed from the tactical consequences.  

So this is my point to this blog:  The Human Factor.  When was the last time you spoke to the victim, or explained to them their lack of recourse for their loss?  When was the last time you placed yourself in the shoes of someone whose digital foot print had somehow been used against them? 

The Cyber Age has brought amazing advances in technology and telecommunications that has revolutionized the way in which the world itself lives and breathes, but at the same time it has made us less human.  There is no conclusive evidence to reinforce this opinion, but you can feel it on the streets as more people lean into their text messages than exchange small talk at a bus stop.    

It is my hope this holiday season to bring a reminder that what we do has very real human consequences at the end of the process.  Each strategic and tactical level decision places another person's life in our hands. 

So with the advent of the holiday upon us and a new year about to begin I'd like to say this to those that stand as the vanguard to the frontier that is our new unpaved future:  Never forget that what we do is ultimately about people. 

Far too often I have experienced security and IT professionals hiding behind their door, badge, or monitor.  I urge industry professionals to make a New Year's resolution to get out and engage people on a human level (i.e. get to know them); if, for nothing else, to actively engage their area of supervision probing for social engineers that maybe attempting to gain access to their space. 

It is my opinion that when we truly understand that every server we secure, policy enforced, card swipe device locked down, banking website code scrubbed, and public facing connection port blockaded has a human being at the end we will then fully grasp the concept of "defense-in-depth".  People go about their day-to-day business hoping that the world they live in is a safe place to be, and it is in our hands that their hope has been placed. 

So with these things in mind I extend through this blog my humanity and wish to all a safe and happy holiday, and a blessed new year. 

Possibly Related Articles:
Security Awareness
Information Security
Enterprise Security Defense in Depth Information Security Infosec Professional Human Factor
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.