Computer Fraud & Security
Interview: Philip Lieberman and the human factor
by Steve Mansfield-Devine
Security is a good thing and it’s available right now. We have the technology, but
its use is subject to a number of tensions and conflicts that mean it isn’t exploited
properly. Philip Lieberman, founder of Lieberman Software, which specialises in
privileged identity management, believes that the problem isn’t technology – it’s us.
People are simply all too human, and that means we can’t avoid making mistakes.
By itself, that’s not a problem as we generally know how to correct our errors. But
the issue is compounded by the proliferation of technology; a compensation culture
in which people are paid for doing – in his view – the wrong things; a corporate
environment in which IT and security measure their self-worth by the control they
have over systems that, ultimately, they can’t control; and a lack of understanding
about what terms like ‘efficiency’ mean in a security context.
We met at the InfoSecurity 2012 event in London. Earlier that morning Lieberman had presented a talk on ‘The five secrets of IT administrators’. “The purpose of it was to outline the nature of what goes wrong within IT,” he said, “because of certain behavioural problems and also due to problems with compensation plans and accountability.”
After the talk, a member of the audience spoke to Lieberman and stated a fact that goes right to the heart of the problem. “You know,” he said, “we get paid in IT for the amount of uptime we have.”