Bruce Schneier: Security as a state of mind

Popular security researcher says security is also a feeling and therefore can't be quantified.

LAS VEGAS--Bruce Schneier, CTO of BT Counterpane, has been talking about the psychology of security for some time now. In his keynote address to Black Hat on Thursday morning, Schneier said that one simply cannot quantify security because it's also emotional. How we feel about security in a given situation can affect how secure we really are.

Schneier says we're all security consumers; as humans, we're constantly deciding how much time, money and effort we spend to feel secure. All animals do this. A rabbit faced with a predator has to decide whether to keep eating or simply run. Humans are both good and bad at this.

He cited several studies that show our decisions regarding the relative trade-offs aren't always logical. Schneier then talked about specific decisions we make around the severity of risk (life or death), the probability of a risk (it won't happen to me), and the magnitude of a risk (we overplay the risks when children are involved), the effectiveness of a risk (does it matter more whether I do A or B).

He also said that we tend to get these decisions wrong. Schneier said humans are better prepared for living in a hut on the African highlands in 1000 BC than for living in New York in 2007. Schneier ended his talk saying companies should spend more time working on improving the general perceptions surrounding security and not just the hardware and software they sell.

Featured Video
This content is rated TV-MA, and is for viewers 18 years or older. Are you of age?
Sorry, you are not old enough to view this content.

Microsoft leaves Apple in the dust with tablet and laptop innovation in 2015

Will there be one Apple Ring to rule them all? That's what a patent application says. Plus, building the thinnest gadget isn't innovation anymore and Apple just got a reality check from Microsoft.

by Brian Tong