The information security industry needs to adopt rational models rather than emotional ones for risk management, according to the Deputy Assistant Director of the FBI, Donald Freese.
During the opening keynote session at (ISC)2 Congress in Austin, Texas, on September 25, 2017, Brandon Dunlap, senior manager of security, risk and compliance at Amazon, interviewed the FBI’s Freese about “a brave new cybercrime world”.
Freese criticized the industry’s confusion over terminology, arguing that “talking about threats as risks does not give us traction. It confuses the message and causes the problem that we are crying wolf.
“Cybersecurity professionals get distracted by the threat because the threat is more fun. We’ve studied threats for decades but we need to get down to intent and capability”, he said.
Using emotion and fear to drive risk management conversations means that cybersecurity professionals are failing the fundamental message. “We should not lose sight of the fact that security is a service that we should be providing”, said Freese.