Conversation

Replying to
3/ Original Internet security culture was/is weak because of some mix of RCRC-RERO, NSA, key leverage ideas like blockchain being in future
3
1
Replying to
5/ State of s/w security culture: industry spends too much on security theater that does nothing, too little on fundamental advances
2
8
Replying to
5/ I think one reason for this state is that security concerns, like usability concerns, fundamentally conflict with agility concerns
1
10
Show replies
Replying to
8/ But you can't fully model either user behavior or threat environment that early, to build usability/security "theory" into product DNA
5
8
Replying to
9/ So InfoSec people, like design people often seem to feel ignored and underappreciated until a crisis makes their role important
1
7
Show replies