Belief & Culture: Build Awareness
Assignment Overview
To know about a field and keep abreast with what happens, especially a field that changes and advances fast, it is important to know the "Who's Who" in the field. Bruce Schneier is a top information security technologist and author, and has been named by The Economist as "security guru." (see http://www(dot)schneier(dot)com) It will be worthwhile for you to visit his website on a frequent basis in you want to pursue a Chief Security Office career.
The following multi-media presentation delivers what Schneier's view on information security management. If you have bandwidth issue and can't watch the video, then you can hear his speech from the audio stream. In the presentation, Schneier suggests a framework of "feeling, reality, and model" and explains how these three should be in sync. He also emphasizes how the "feeling" of security plays a role and how important a person's cognitive perception (partially coming from the person's belief and culture) is.
Bruce Schneier discusses on Ted Talks the Security Mirage, October, 2010 at https://www(dot)ted(dot)com/talks/bruce_schneier.
If you can't watch the video or hear the audio, then you must read the following article which covers the topic. Otherwise, you should still scan through the article to refresh what you heard and grasp some new concepts that didn't get explained in-depth in the presentation:
Schneier, Bruce. (2008) The Psychology of Security. http://www(dot)schneier(dot)com/essay-155.html.
Another "Who's Who" in the security field is Mark Seiden (a Cutter Consortium consultant, 35 yrs of programming experience, on the technical advisory board of Counterpane, among top 50 CyperElite). Please listen to his speech, where Mark emphasized the need to build proper organizational and customer awareness of security needs.
Seiden, Mark. Speech. Please click here.
There are many factors influencing one's belief. Culture is one factor, upbringing is another one. So is a person's education and exposure on the subject. I can't affect your culture or upbringing, but I would like to educate/expose to you some concepts that can influence what you think regarding to security. Remember, I am only scratching the surface here. You need to continue educate yourself and build awareness of security for yourself and your organization.
Mercuri, Rebecca T.; Neumann, Peter G. (2003) Security by Obscurity. Communications of the ACM, Nov2003, Vol. 46 Issue 11, p160-160. (TUI library).
Hoepman, Jaap-Henk; Jacobs, Bart. (2007) Increased Security Through Open Source. Communications of the ACM, Jan2007, Vol. 50 Issue 1, p79-83. (TUI library).
Now it is time to write about what you learned in the background readings. Writing about what you learned is like digesting food. Only through your own language, you can truly assimilate and absorb.
After you have "strategically" read the above materials, and, more importantly, thought about them critically and inter-connectively, compose a 4- to 6-page paper on the topic:
Why is it important to build one's awareness and proper perception of information security? And how does one build such awareness/proper perception in the management of an organization?
In preparing your paper, you need to discuss the following issues, and support with arguments and evidence:
•What is the framework suggested by Scheiner? Do you agree or disagree?
•How is Scheiner's framework connected with the framework suggested in Module 1?
•Summarize key points from Seiden's speech.
•What are your views on "security by obscurity" and "enhancing security via open source"? What are they? Why do you hold your views?
•How would you help the managers in an organization to build security awareness and proper perceptions?
Assignment Expectations (50 points total)
Length: Minimum 4–6 pages excluding cover page and references (since a page is about 300 words, this is approximately 1,200–1,800 words).
Assignment-driven criteria (25 points): Demonstrates clear understanding of the subject and addresses all key elements of the assignment.
Critical thinking (10 points): Demonstrates mastery conceptualizing the problem. Shows analysis, synthesis, and evaluation of required material.
Scholarly writing (5 points): Demonstrates writing proficiency at the academic level of the course; addresses the Learning Outcomes of the assignment.
Quality of references (4 points) and assignment organization (3 points): Uses relevant and credible sources to support assertions. Assignment is well organized and follows the structure of a well-written paper.
Citing sources (3 points): Uses in-text citations and properly formats references in APA style.
The Psychology of Security
Name
Institution
The Psychology of Security
Bruce Schneier is one of the most inventive security experts in the world today. In his 2008 analysis titled The Psychology of Security, Schneier offered a framework for use by security managers that has remained in use up to date. According to Schneier, security managers make critical decisions on the basis of how they perceive different things. According to Schneier, security decisions are made as a trade off, meaning that one will only make the decision based on what they will get in return. Such decisions according to Schneier are made either consciously or unconsciously in relation to the risk at hand (Schneier, 2008). An example of this is the scenario where one would wear a bullet proof vest if they knew that they were likely to get shot.
According to Schneier’s theory, understanding how the human mind works help in making CRUCIAL security decisions. In most cases, people believe that they are safe just because they see something that looks like security measures in action. However, these measures are often false and do nothing to guarantee the security of people. Towards this end, Schneier advises people to ensure that the security measures being put up to protect them are actually working and not just a security theater. In addition to this, Schneier also indicates that people tend to fear a new risk that is rare even if there are other existing risks that are more potent but which have been around for longer. This means that in the next few years people will be less afraid of the security risks that are present today (Schneier, 2008).
Personally, I think that the framework proposed by Bruce Schneier is ideal in many ways. As an individual, there are many moments where I have behaved in a certain way only to realize later on that I was afraid of were not in place at that time when I thought that they were. As an individual I find that I there are certain things when I know that there is a surveillance camera recording the happenings and then I do the same things when I know that there is no security camera in sight. This is the line with the framework proposed by Schneier regarding the psychology of security (Barak, et al, 2014).
The view given by Bruce Schneier is supported by Mark Seiden, who points out that what we call security today is nothing but an imitation of what security is supposed to look like. According to Seiden, even though an organization might have high security, there is always a weak link that can be exploited to the disadvantage of the organization. To this end, Seiden warns that thinking only about the information technology security is not enough as someone can still tamper with the physical security of the structure where the system is kept. This means that any organization or individual should think widely before investing in security. Instead of just relying on one provider, Seiden advises that one should hire different security providers to advice on the security system as what one provider might see might be lost for others. Seiden claims that people always feel that they have proper security, but they are unable to justify it when pressed further.
While many security managers do everything...
You Might Also Like Other Topics Related to culture essays:
- Organizational Culture & Ethical Decisions1 page/≈275 words | 2 Sources | APA | Health, Medicine, Nursing | Essay |
- Organizational Culture and Change1 page/≈275 words | 1 Source | APA | Business & Marketing | Coursework |
- Culture Diversity Mod 3 SLP: Korean Culture3 pages/≈825 words | 3 Sources | APA | Health, Medicine, Nursing | Essay |
- Mexican Culture and Traditions1 page/≈275 words | 1 Source | APA | Health, Medicine, Nursing | Research Paper |
- MGT 501: Organization Culture Essay2 pages/≈550 words | 2 Sources | APA | Business & Marketing | Essay |
- Article of Interest about Culture1 page/≈275 words | 1 Source | APA | Visual & Performing Arts | Article Critique |
- Cultural Group for Structured Study: North Korean Culture3 pages/≈825 words | 3 Sources | APA | Health, Medicine, Nursing | Essay |