Because they don't pay a competent person to do their security or because the person they paid isn't able/willing to make decisions.
Phishing is not obviously sophisticated, but an argument could be made. The problem with letting that kind of language slide is that it skirts responsibility. Society has a huge accountability problem currently, and there isn't really an end in sight. There's no need to continue allowing corporations to use such language and continue the problem.
If a solution to phishing is available and not used, the easy-mode hack is attributed to the security of the people so responsible. They took a risk and that went bad. Fire them (the people ACTUALLY RESPONSIBLE) and move forward with a better model of security.
The person actually responsible is the person(s) who made the final call on using security susceptible to phishing attacks where a better option exists.