Okay:

Universal Basic Cybersecurity. *

For every organisation, the people through the government provide the means (not money but tools, knowledge and information) to have basic information security in place.

This as a response to the “Security Poverty Line” and the abysmal state of information security, especially (but certainly not exclusively) amongst the SMEs.

*) you can probably guess why I don’t pitch it as “Universal Basic Informationsecurity”. Also, just “Security” doesn’t work, because that is (rightly) used in the discourse around UBI. If it is confused with Universal Background Checks, that’s just a happy little coincidence.

#ShowerThoughts #UniversalBasicCyberSecurity #UBC #SecurityPovertyLine #infosec #CyberSecurity
#UBI

As you know, I've been talking about the #SecurityPovertyLine for over ten years now, and I'm always learning new things that add to my thinking on it. In my work with the National Academy of Sciences committee on cyber hard problems, I got to hear a presentation from @fuzztech that really opened my eyes.

It seems that US law enforcement is also below the security poverty line. Really. They struggle with protecting their own infrastructure (which includes huge amounts of digital data that now has to be stored as evidence for, like, forever -- as innocent people are still being exonerated decades later), and they also struggle with being able to help victims of cyber-enabled crime.

This presentation (which starts at 4:20 in the video) is open to the public, and I believe it needs more attention, as this problem affects not only SMBs, but also the very fabric of society. Have a look:

https://vimeo.com/event/4576498

cc: @CyberThreatAlliance @craignewmark

As you may know, one of the concepts I’ve been talking about for more than a decade has been the #SecurityPovertyLine. I’m thrilled to see organizations like @CommonGoodCyber starting to address it, and I’ll be leading a breakout discussion at the workshop in DC next week. Some of the panel sessions will be streamed (@reitinger, tell me if I’m mistaken), but the breakout sessions will not, as we roll up our sleeves and try to get work done. We must address the root causes of #CyberPoverty if we hope to protect everyone from attacks and promote #CyberCivilDefense.

https://commongoodcyber.org/events/

What is the #SecurityPovertyLine? (Or #CyberPovertyLine, depending on your style) @Tarah and I talked about it and its effect on SMBs and the #MSPs who support them.

https://www.youtube.com/live/OoD2gKSXaOQ?si=cw43jsJrFkVzDP20

https://www.linkedin.com/events/7134283943507369984/comments/

When @Tarah invites you to speak in public with her, YOU SAY YES! Come hear us discuss the #SecurityPovertyLine on November 30th.

So I have to do the beginnings of some content marketing for my awesome company, even though sometimes I get a little uncomfortable putting myself out there, but I realize that I am completely furiously angry about something.

What if I entitled my first video: “I feel like I’ve been taking crazy pills: the inability of enterprise security experts to understand that small businesses and managed service providers live in a totally different fucking world than them.“

if you people shout enough in glee at this idea, I will make it happen.

“Why can’t these small businesses just implement EDR on all EPs and you can automate compliance?” IDK because the bottom half of SMBs are guys in trucks named Jeff with five year old personal Android phones, you utter git

#SecurityPovertyLine @wendynather

On May 5th I’ll be discussing the #SecurityPovertyLine with @craignewmark and @meganstifel at the @ist_org #RansomwareTaskForce summit in DC.

https://securityandtechnology.org/ransomwaretaskforce/ransomware-task-force-gaining-ground/