Managing Insecurity: Practitioner Reflections on Social Costs of Security

Abstract: 

Nonprofits and local government have experienced more than their share of breaches and notifications over the past several years. The reasons for this are evident: lots of sensitive information, insufficient IT resources, lack of institutional discipline, etc. Clearly more time and resources at these organizations should be dedicated to security.

I discuss whether even identifying the proper balance is a good deal more difficult for public service organizations than has been widely discussed. Will security concerns affect the adoption of electronic medical records, regional health organizations, and nonprofit work? At what point do needed changes in organizational cultures undermine the public mission? What types of security controls and practices are best suited for service agencies? What kinds of research would most help public services?

Open Access Media

USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.

BibTeX
@conference {268068,
author = {Darren Lacey},
title = {Managing Insecurity: Practitioner Reflections on Social Costs of Security},
year = {2008},
address = {San Jose, CA},
publisher = {USENIX Association},
month = jul
}
Download

Presentation Video

Presentation Audio

http://streaming.linux-magazin.de/events/usec08/tech/archive/dlacey/