Keynote:The Psychology Of Security presented at Blackhat USA 2007

by Bruce Schneier (BT Counterpane),

Tags: Security Risk

Summary : Security is both a feeling and a
reality. You can feel secure without actually being secure, and you can
be secure even though you don't feel secure. In the industry, we tend to
discount the feeling in favor of the reality, but the difference
between the two is important. It explains why we have so much security
theater that doesn't work, and why so many smart security solutions go
unimplemented. Two different fields—behavioral economics and the
psychology of decision making—shed light on how we perceive security,
risk, and cost. Learn how perception of risk matters and, perhaps more
importantly, learn how to design security systems that will actually get
used.

Bruce Schneier: Counterpane systems