This article is a scholarly article that talks about how the private sector is experiencing security breaches due to optimism bias. I found this article by searching Carnegie Mellon University's webpage called CUPS. CUPS is an acronym standing for Cylab Usable Privacy and Security Laboratory. It is a webpage that has many scholarly writers and articles that speak of internet privacy and issues that are facing the world today. The article is written by Sasha Romanosky who is a member of CUPS. He wrote this article for the Pittsburgh Post Gazette, and he has been working in the e-commerce and financial security technology field for over ten years. He is also the co-developer of the Common Vulnerability Scoring system which scores computer vulnerabilities. This qualifies Romanosky, and this article as a scholarly article.
In this article, Romanosky argues that many companies in the private sector are hurting themselves and are dangerously close to being victims of security breaches based on optimism bias. He states that this optimism puts them in a state of denial, and leaves them vulnerable. He outlines a set of initiatives that every company should put in place in order to be better prepared to protect their data. These initiatives include a start with top managements commitment to security. He also advises that each company create a set of labels to classify data. This will help to ensure the data that needs to be kept private is separated and will highlight the levels of security for each level of data security. Based on where these data categories fall, different security measures should be created. Finally, these categories should be published and well known throughout the company.
This article gives ideas to companies regarding security of data. These ideas are very valid, and focus on upper managements ability to create a system of security that does not assume that a breach will not happen to you. He creates this idea by calling out potential readers and companies and the overall private sector's attitude of optimism that a security breach will not happen to them.
I found it interesting that the small businesses could find themselves vulnerable because of their optimism. It's not something you normally think about before you start up a business.
ReplyDelete