Difference between revisions of "The Unintended Consequences of Beating Users with Carrot Sticks: Radical Thoughts on Security Reform"

Revision as of 15:42, 17 September 2010 (view source) Mark.bristow (talk | contribs) (Created page with '== The presentation == rightWhat we're doing today is not working and isn't sustainable. The fundamental culture of the average business does no…')		Revision as of 05:04, 21 September 2010 (view source) Dallendoug (talk | contribs) (added link header) Newer edit →
Line 1:		Line 1:
		+	[[Image:468x60-banner-2010.gif|link=http://www.owasp.org/index.php?title=OWASP_AppSec_DC_2010]]
		+
		+	[https://guest.cvent.com/EVENTS/Register/IdentityConfirmation.aspx?e=d52c6f5f-d568-4e16-b8e0-b5e2bf87ab3a Registration] | [https://resweb.passkey.com/Resweb.do?mode=welcome_gi_new&groupID=2766908 Hotel] | [http://www.dcconvention.com/ Walter E. Washington Convention Center]
		+	<br>
	== The presentation  ==		== The presentation  ==

---

Revision as of 05:04, 21 September 2010

Registration | Hotel | Walter E. Washington Convention Center

The presentation

What we're doing today is not working and isn't sustainable. The fundamental culture of the average business does not encourage making good security decisions. Software shops continue to focus on functionality and timelines, neglecting information security. In spite of regulations like PCI and HIPAA+HITECH, which are levying fines against organizations for their security failures, the tipping point has clearly not been reached to cause meaningful change. Much of this problem can be attributed to the excessive use of negative incentives (sticks) instead of providing positive incentives (carrots) that inspire better decision making and motivate true change. Fortunately, it's not too late to change tactics and start achieving demonstrable success.

The speaker

Speaker bio will be posted shortly.