Consider the risk management of information and the principles of risk themselves. Do we have a culture that is working so far to right of the normalized curve of expectations that we’re expending huge amounts of resources for very little gain. Consider some very specific cases of risk management and cultures of fear and the poor choices we make in decision making.
TEDxCopenhagen – Mikael Colville-Andersen – Why We Shouldn’t Bike with a Helmet
Next up another video to make this a little more specific to information security but the principles remain. Consider what a culture of fear does to information security. Consider what the principles of security mean and then start applying them to information security.
TEDxPSU – Bruce Schneier – Reconceptualizing Security