Mitigating risks … is a waste of money?

There was an interesting talk at one of the panels at the RSA Conference, where SilverSky and Adobe claimed that investing in security is a waste of money. Their message is simple and compelling:

“For most companies it’s going to be far cheaper and serve their customers a lot better if they don’t do anything [about security bugs] until something happens. You’re better off waiting for the market to pressure on you to do it.”

Although they say that this was all in pretense, we all know it was not: companies large and small try to avoid fixing problems as long as they can, waiting for customers to complain loudly before ever doing anything. Basically, this is a risk that companies rate as unimportant because of its low perceived rate of occurrence.

The problem with this kind of risk is that it cannot be properly rated. The probability of these risks is hard to rate because the data is basically unavailable. And the impact of the risk is underrated because of the low perceived probability. People tend to ignore such risks.

But can the companies also afford to ignore such risks? What has to be considered is that a …

Corporate responsibility

One of the buzzwords I dislike is “Corporate Responsibility”. It is overused, abused and never means what it is supposed to when you hear it from the top managers. However, it is important. Rather, the concept that it used to mean is important.

I have spent a few months in Russia now and I am shocked and disgusted at how business is done there. That is the place where you go if you want to learn what the consequences of irresponsibility on a grand scale are.

Nobody feels responsible for anything there. The only king of this newly capitalistic country is money. Everybody dreams of making money quick. Some people make the money quick. Some don’t. But for everyone the main theme remains – just make money, no matter how, no matter what the consequences are, never mind the “after”.

What is the result? Well, most, or, perhaps, all of the business is based on making or buying something dirt cheap and selling it high. Most products are made in China or are counterfeit. Everything is made of the cheapest materials and with the cheapest technologies.

Can you imagine life in a disposable world? Disposable furniture, disposable cars, disposable roads, …
