The idea of a "security poverty line" is close to my heart, and more relevant today than ever. It's important to understand the complex dynamics that keep organizations from being secure; it's not just a matter of spending money or having the will. https://twitter.com/duosec/status/1359159621043318787
Too many non-practitioners chalk up insecurity to the organization being lazy, stupid, apathetic, or malicious. But when you really look into the causes of an incident, you'll see a web of constraints and attempts to do the best with what they had at the time.
I am certain that we don't understand all the factors that underlie security poverty and how to fix it; it's as complex an issue as health care reform is in the US. I just know that we need to work on learning more, not scolding more.
You can follow @wendynather.
Tip: mention @twtextapp on a Twitter thread with the keyword β€œunroll” to get a link to it.

Latest Threads Unrolled:
Those who think consciousness raising & movement building are disconnected, or even a distraction from electoral politics have not paid attention to the history of social change.In this thread, we
Read more
The 2020s will be known as the Remote Work decadeA few predictions of what is likely to emerge[ a thread ] Third Space: Office and Working from Home will
Read more
1/29: Have you ever had a concept explained to you that helps frame complex issues you’ve been wrestling with and opens your eyes to new possibilities? A concept that I
Read more
By continuing to use the site, you are consenting to the use of cookies as explained in our Cookie Policy to improve your experience.