Post
@realn2s
legal obligation within the data protection laws - heavy fines.
Use examples of companies heavily impacted or closed... https://www.bbc.co.uk/news/articles/cx2gx28815wo
Customers assume security but don't want it to cause friction in what they want to do.
@realn2s
legal obligation within the data protection laws - heavy fines.
Use examples of companies heavily impacted or closed... https://www.bbc.co.uk/news/articles/cx2gx28815wo
Customers assume security but don't want it to cause friction in what they want to do.
@DaRC_Fantom
Nice example. Sound like a good story for the #BigBookOfLittleBreaches 馃槂
(https://infosec.exchange/@realn2s/112240250364961390)
In my experience the "legal obligation", "heavy fines" line doesn't work too well 馃槧
It shifts the goal from providing adequate security to just avoiding the fines 馃槧
And this sadly, often can be accomplished by transferring the risk (it's someone else's fault or problem) instead of eliminating or reducing the risk
E.g. by just adding some documentation of what "users" need to do to stay secure and blame them if they didn't do it.
@0x00string
馃檹馃徎 Understood and I agree.
Sadly, I went to one "care too much" cycle.
I hope that I learned to reduce the amount of care to an acceptable level
@0x00string
馃槶
I'm very close to doing that 馃お
Both 馃槣
A space for Bonfire maintainers and contributors to communicate
