Layer 8

And why we don’t (spend more time really trying to) help hungry people, or sick people, or homeless people…

Though the aggregate frequency my not be insignificant, like you say - there’s such a population for it to be spread it among - the issue at hand rarely reaches our circle of experience (friends, family). 

It’s why we wear ribbons or put badges on our websites.  It’s our way of saying “hey, this hasn’t come up in conversation, but this matter at hand - it’s important to me.”

As far as Information Risk is concerned, here’s the rub:

Until there were reporting laws - we didn’t know.  So there was no frequency for us to reference.  Now that there is, we’re finding that b2c companies aren’t really affected adversely (long term in sales, customer churn, or stock price).

Alex, is this your way of politely saying “Duh”? 

As usual, good writing.

I think this has come down to an discussion on perspectives
with your key message that it’s a waste of time to try and
make thing better.

Basically, your posts seem to try and explain away why
everything’s crap and that the status quo is a manifest
destiny that the human element can’t/won’t do anything about it.

I’m taking the “glass half full” approach here and not get sucked
into wondering if “...I make a difference” or that the “...world
just doesn’t care.”

While I think it’s important to see where we’ve been, I don’t
care to live there.  It’s time to move on and make things better,
and not just for my own little piece of the world, either.

I choose to try and do something about it an impact the
thinking of as many people as I can in the process and not
merely sit by and accept it.

I remember my parent’s cars didn’t have seatbelts.  I remember
when airbags weren’t invented yet.  I remember when we didn’t
have breach laws.  I remember when we didn’t have SDL programs.”

These didn’t just “appear.” It took hard work that was against
the grain.  These “technologies” and “movements” were
disruptive and came to be because enough was enough.  I, like
most, didn’t think of it then, but seatbelts and airbags have
become profoundly impacting.

I’m not trying to be critical of you, and I’m certainly not
wanting to make this personal in relation to your thoughts,
but I am making it personal for me.  I believe one has
to put things out there and make the effort.

Futility?  They make ointments for that now.

As Alex’s comment re: the ribbons suggests this is exactly my
perspective “hey, this hasn’t come up in conversation, but this
matter at hand - it’s important to me.”

It’s important to me.

I’m not content to sit by and wait another 10 years for our
version of the airbag.

/Hoff

Hoff, I can’t possibly be writing well if you keep coming away with the message that I think nothing can or should get any better.

If you can invent something that will increase both security AND benefit without substantially increasing cost, then my guess is that the market will go for it (see: seat belts and airbags).  You keep wondering why more people aren’t outraged the way that you are; I told you.  That’s a different answer from “should we work to make things better?”

Peace, bro.

Your example is flawed.

Firstly, there is no “thing” (read: silver bullet) that the “market” will go for.  There’s lots of silver buckshot
but it’s applied without order or strategy.

Secondly, I’m a student of the human condition, I haven’t once wondered why “people aren’t outraged.” I’ve
posted numerous times on that.  I’ve never cried “Oh, the humanity!”

Thirdly, people didn’t “vote” for seatbelts, airbags or ABS.  In some cases, it was dictated by regulation and in
others, it was just a disruptive technology.  Not everything comes from people’s direct demand for improvement.  If
it did, we wouldn’t need marketing.  There was no choice but to pay for seatbelts.  Initially, airbags and ABS just
became standard as the costs came down and people recognized the utility and safety benefits.

That’s what this is about.

In closing, there are many, many things that can be done to improve “security.” Most people don’t do them.  Some
aren’t even aware of them. 

Instead, the general populous sits around waiting for the genie to pop out of the bottle.  It’s never going to happen, as you well know.

To make a difference, it has to be within a greater construct and it has to be thought of in easily-digestible
incremental nuggets with the occasional “ah hah!” such that “they” can absorb it.

If I could spend more of my time writing about those things rather than defending the position that it’s time
for change, I’d be able to address your last point.

I’m not suggesting that you think that “...nothing can or should get any better” but I am taking away from your
posts that because the world in general doesn’t care, it’s not worth the energy to discuss it.  Yet here we are.
I guess I’m just a glutton for punishment, or I’m willing to yap like a dope until I run out of air.

Dunno what to tell you. 

I’m happy that people are talking, but I’m far from outraged, just wanting things to change.

/Hoff

“I’m a student of the human condition”

It’s reassuring to see that someone can say that without ironic intent.

What is the consumer willing to pay for better security or safety?
We can put a price on safety features like airbags, breaks, etc. Manufacturers incorporate these features and initially charge you more. With time and competition manufacturers eventually offer the same features for more or less the same price.

We have a problem doing the same consistently for security. If we can’t put a price on security then it can’t be sold thus no one is willing to pay more for a products that claims to be more secure and we take our chances with what we have. Furthermore we are all in the same boat, no one is advantaged or disadvantaged, we all use the same crap.