3
1
Wh o m Do Yo u Bl a m e ?
It goes without saying that human beings are responsible for all of
our problems in information security, and we have to hold our hands
up and say, “we are responsible for the world’s information security
problems.”
Each and every one of us has the potential to change the world in
terms of how we manage information risk—by taking responsibil-
ity to do so. But as to why information security is such a mess these
days, should we attribute blame to some parties more than others? Is
there a corporate position that holds more responsibility than others
in information security? Is there a single person to whom we should
direct our primordial wrath?
e Buck Stops at the Top?
e tendency for most security professionals such ...