• The Weakest Link

    by  • August 31, 2007 • Blog

    Andy Greenberg wrote an article for Forbes.com titled Accounting For Human Error, which illustrates how human beings, the users themselves, are the weakest link in the security chain. Enterprises spend millions, or even tens of millions of dollars on security technology and security expertise to ensure their networks and data are protected, but it only takes one person breaking policy (whether through negligence, ignorance, or malicious intent) and the data is compromised. He is not the first one to point this out.

    I wrote an article with a similar subject on my About.com site in March of 2005. I also wasn’t the first to write about this topic, and not much has changed since. It is the main reason that I think the system is upside down and why I focus on educating normal, average people. You can spend tens of millions of dollars on tools and technologies that can be rendered useless by one careless user, or you can invest in educating the user, which, if it works, will alleviate the need to spend so much on tools and technology.

    About

    Tony has driven security policies and technologies for antivirus and incident response for Fortune 500 companies, and he has worked as a network administrator and in technical support for smaller companies. He has written for a variety of other Web sites and publications, including BizTech Magazine, PC World, SearchSecurity.com, WindowsNetworking.com, Smart Computing magazine, and Information Security magazine. Tony is a CISSP (Certified Information Systems Security Professional) and ISSAP (Information Systems Security Architecture Professional). He is Microsoft Certified as an MCSE (Microsoft Certified Systems Engineer) and MCSA (Microsoft Certified Systems Administrator) in Windows 2000 and an MCP (Microsoft Certified Professional) in Windows NT. Tony has been recognized by Microsoft as an MVP (Most Valuable Professional) in Windows security since 2006. In addition to his Web site and magazine contributions, Tony was also tech editor of PCI Compliance (ISBN: 1597491659), author of Essential Computer Security: Everyone’s Guide to E-mail, Internet, and Wireless Security (ISBN: 1597491144), coauthor of Hacker’s Challenge 3 (ISBN: 0072263040), and a contributing author to Winternals: Defragmentation, Recovery, and Administration Field Guide (ISBN: 1597490792), Combating Spyware in the Enterprise (ISBN: 1597490644), Syngress Force 2006 Emerging Threat Analysis: From Mischief to Malicious (ISBN: 1597490563), Botnets: The Killer Web Applications (ISBN: 1597491357), and AVIEN Malware Defense Guide for the Enterprise (ISBN: 1597491640).

    http://www.tonybradley.com