WebApp Sec mailing list archives

Re: The biggest thing affecting software security? People, apparently.

From: Steve Milner <smilner () trinityz com>
Date: Wed, 29 Jun 2005 19:26:27 -0400

Nick Murison wrote:

Hi all,

www.threatsandcountermeasures.com just closed their poll on what people
thought was the biggest thing affecting software security.  The results were:

People:     80.3%
Process:    18.2%
Technology:  1.5%

Results also available from www.threatsandcountermeasures.com/PastPolls.aspx.

If this is the case, then why is there such a huge financial investment in
security technology?  Is the human factor expected to magically improves once
we've got the "right" technology?

No, but people are the hardest thing to patch. You can inform them, youcan work with them, you can even threaten them to follow good securitypractices but someone always constitutes for the weakest link in the chain.


Steve

Current thread:

The biggest thing affecting software security? People, apparently. Nick Murison (Jun 29)
- Re: The biggest thing affecting software security? People, apparently. Steve Milner (Jun 29)
- RE: The biggest thing affecting software security? People, apparently. Lyal Collins (Jun 29)
- Re: The biggest thing affecting software security? People, apparently. Clinton E. Troutman (Jun 30)
  - Re: The biggest thing affecting software security? People, apparently. Amit (Jun 30)
- Re: The biggest thing affecting software security? People, apparently. Irene Abezgauz (Jun 30)
- Re: The biggest thing affecting software security? People, apparently. . . (Jun 30)
  - Re: The biggest thing affecting software security? People, apparently. John Manko (Jun 30)