by Roger R. Schell

Not only is the effectiveness of current cybersecurity “best practices” limited, but also they enable and encourage activities inimical to privacy. Their root paradigm is a flawed reactive one appropriately described as “penetrate and patch”. Vigorous promotion encourages reliance on these flimsy best practices as a primary defense for private information. Furthermore, this paradigm is increasingly used to justify needlessly intrusive monitoring and surveillance of private information. But even worse in the long term, this misplaced reliance stifles introduction of proven and mature technology that can dramatically reduce the cyber risks to privacy.