> So let people who aren’t experts at physical security suffer break-ins, and physically weak people get beaten up?
First, in many jurisdictions, paying protection money for physical security is illegal.
Second, Colonial Pipeline has an operating revenue of $1.32 billion. I suppose in the USA it's technically a person, but... it's not actually a person.
> We have law enforcement so everyone can be free to focus on their own value-add in life without having to learn 1000 skills to cover their own ass. I love security but 99% of people don’t, and shouldn’t
I submit that oil pipeline operators, hospitals, and large corps are part of that 1%.
You have a point. They should do minimum due diligence to harden their networks.
However... how much do you want to bet that the CEO of a pipeline company has the knowledge to make this happen? One has to be an intelligent customer to make something like this happen.
Well then, perhaps there should be minimum requirements to become CEO of a large corporation in regulated areas like pipelines? If the alternative is large harm to the public, this seems like a no-brainer to me for future legislation.
So should the president of the United States be an expert on tactical jet engines? And also have a PHD in economics? And also be an expert in immunology? And power plant operations? How about the national airspace system?
People are quick to conclude that Colonial’s security was “bad.” But do we know that to be true? A sophisticated, potentially state-sponsored organization initiated this attack. The best security in the world is not 100% secure. It might be wise to get the facts before rushing to judgement.
It’s probably cleaner and easier to run this if the spooks set up a bureau of cyber security standards and fine strategically important companies for non-compliance. The gov can do security audits on these corps.
So, you are saying that there are jurisdictions where home security systems are illegal? Night watchmen/security guards and body guards are illegal? Where would these jurisdictions be located?
I don't think that's even close to what I'm saying. I'm not even really sure what you are trying to communicate here; are you insinuating that ADT or Ring hire roving bands of bandits who break into houses that aren't protected by their security systems? If not, I genuinely don't know what you're trying to say here.
First, in many jurisdictions, paying protection money for physical security is illegal.
Second, Colonial Pipeline has an operating revenue of $1.32 billion. I suppose in the USA it's technically a person, but... it's not actually a person.
> We have law enforcement so everyone can be free to focus on their own value-add in life without having to learn 1000 skills to cover their own ass. I love security but 99% of people don’t, and shouldn’t
I submit that oil pipeline operators, hospitals, and large corps are part of that 1%.