Cybersecurity Governance E039 2024 10 05
A Bit of Security for October 5, 2024
Today we’re talking about tone at the top, and security governance in broad terms.
First, happy new year to all who celebrate.
Lawrence Lessig wrote an insightful and helpful book “Code and Other Laws of Cyberspace.” He describes four ways to manage behavior: Law, Social Pressure, Economic incentives, and Architecture. His example concerns kids driving too fast in the college parking lot. Apply Law: put up a speed limit sign, with appropriate sanctions for violations. Social Pressure: the teachers say, don’t speed. Economic incentives: Charge kids some money for driving too fast, add it to their tuition bill. Architecture: put in speed bumps. Note that Law and Economic Incentives apply after a violation; social pressure and architecture are proactive.
Over the past few days, I was on eastern Long Island, where I visited the Montauk Lighthouse. We wanted to park for a moment to walk along the coast. The parking cost $8, so my friend asked if it was $8 even today, out of season, when so few people were there. The guard said, “Yes, but there is no charge if you are 62 years old or older, and a New York State resident.” Bingo! She pulled out her NYS Driver’s License and we got a spot. Walking toward the lighthouse, I wondered – “Did she just make up that exception for us, or was that really the law?” My friend said I should look it up, and I did. Indeed. During the week, except for certain holidays, people 62 and older can park for free at most NYS parks.
It was beautiful! Walking along the path, I noticed a discarded plastic wrapper on the grass. The scene was nearly perfect, but I took a moment to pick up the litter and find a trash can. Someone didn’t take the time to throw away their scraps, so everyone who came after had their view disturbed at some level by that garbage. I spent some time to remediate the defect. There was no sign saying “No Littering” but there shouldn’t have to be. And there was no reward for picking up the trash other than my improved view – and the improved view of every person who walked along that path afterwards.
Each of these five incidents talks about governance. Why do we do it? Because it’s a good idea, because it makes the environment a bit nicer, safer, and more comfortable for each of us, because we collectively put rules in place and have trustworthy leaders enforcing those rules, and because otherwise we would spend too much time picking up after each other to get anything truly worthwhile done in life.
Read Lessig. Participate in governance. Leave it better than you found it.
What is cybersecurity governance? Why do we bother to govern security, anyway? Listen to this -
Let me know what you think in the comments below or at wjmalik@noc.social