RE: https://mas.to/@sphcow/116600421761353499

“Many organizations are not waiting for the next identity paradigm. They are trying to improve messy current-state systems with limited budgets, legacy infrastructure, and competing priorities. They do not need generic lectures about modernization. They need practical paths from where they are today to where the industry says things are going.”

The organizations below the #SecurityPovertyLine are struggling just to do the necessities. They don’t have time to admire the problem even if they might benefit from the solution.

https://sphericalcowconsulting.com/2026/05/19/identity-is-not-the-product/

Okay:

Universal Basic Cybersecurity. *

For every organisation, the people through the government provide the means (not money but tools, knowledge and information) to have basic information security in place.

This as a response to the “Security Poverty Line” and the abysmal state of information security, especially (but certainly not exclusively) amongst the SMEs.

*) you can probably guess why I don’t pitch it as “Universal Basic Informationsecurity”. Also, just “Security” doesn’t work, because that is (rightly) used in the discourse around UBI. If it is confused with Universal Background Checks, that’s just a happy little coincidence.

#ShowerThoughts #UniversalBasicCyberSecurity #UBC #SecurityPovertyLine #infosec #CyberSecurity
#UBI

As you know, I've been talking about the #SecurityPovertyLine for over ten years now, and I'm always learning new things that add to my thinking on it. In my work with the National Academy of Sciences committee on cyber hard problems, I got to hear a presentation from @fuzztech that really opened my eyes.

It seems that US law enforcement is also below the security poverty line. Really. They struggle with protecting their own infrastructure (which includes huge amounts of digital data that now has to be stored as evidence for, like, forever -- as innocent people are still being exonerated decades later), and they also struggle with being able to help victims of cyber-enabled crime.

This presentation (which starts at 4:20 in the video) is open to the public, and I believe it needs more attention, as this problem affects not only SMBs, but also the very fabric of society. Have a look:

https://vimeo.com/event/4576498

cc: @CyberThreatAlliance @craignewmark

As you may know, one of the concepts I’ve been talking about for more than a decade has been the #SecurityPovertyLine. I’m thrilled to see organizations like @CommonGoodCyber starting to address it, and I’ll be leading a breakout discussion at the workshop in DC next week. Some of the panel sessions will be streamed (@reitinger, tell me if I’m mistaken), but the breakout sessions will not, as we roll up our sleeves and try to get work done. We must address the root causes of #CyberPoverty if we hope to protect everyone from attacks and promote #CyberCivilDefense.

https://commongoodcyber.org/events/