Should employees be punished for sloppy cyber security? [POLL] | Naked Security

Assume that it’s time for Bob’s performance review.

Bob’s boss says he’s a great addition to the team. Easy to work with!

And the sales numbers? Hot mama, Bob’s smokin’! Mr. Bob surely has worked himself toward a big, fat raise!

Or not. Bob would have gotten a raise, that is, but he got fooled by a phishing email and unwittingly invited the bad guys in through the front door, torpedoing Widget Industries Ltd’s multimillion-dollar investment in security systems.

Fiction! But can you imagine if this were really the way employees were assessed? They answer a phishing scam email, they trigger a major security breach, and then they’re held accountable?

via Should employees be punished for sloppy cyber security? [POLL] | Naked Security.

A thought experiment, sure, but one that leads in some interesting directions.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

To respond on your own website, enter the URL of your response which should contain a link to this post's permalink URL. Your response will then appear (possibly after moderation) on this page. Want to update or remove your response? Update or delete your post and re-enter your post's URL again. (Learn More)