« End to end trust | Main | Positive Approach to Security Requests »

Too much thinking

Some food for thought from this years RSA Conference is that "too much thinking can impair your judgement." That is the message of Malcolm Gladwell who says

We expect those with expertise to give us chapter-and-verse reasons for making that decision. We need to be comfortable with the inherent uncertainty of expertise
This is true, particular when it comes to the task of assessing risk. I've often advocated that risk calculations need to have an additional variable: some x factor based on nothing more than the intuition and experience of the person performing the assessment.

There is often ambiguity and uncertainly around risk in information security. So, intuition counts for a lot.

Tags:

Posted by Stuart King on April 14, 2008 9:00 AM
| View blog reactions

TrackBack

TrackBack URL for this entry:
http://www.computerweekly.com/cgi-bin/mt/mt-tb.cgi/25312

Post a comment

(If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)

Search


About

This page contains a single entry from the blog posted on April 14, 2008 9:00 AM.

The previous post in this blog was End to end trust.

The next post in this blog is Positive Approach to Security Requests.

Many more can be found on the main index page or by looking through the archives.

Subscribe to this blog's feed
[What is this?]
Powered by
Movable Type Enterprise 4.1-en