User experience should not be a priority in the context of security — do you agree?

Security Strategy & Roadmap Security & GRC End-User Services & Collaboration

Strongly agree5%

Agree56%

Neutral15%

Disagree19%

Strongly disagree3%

274 PARTICIPANTS

1.2k views3 Comments

Director in Manufacturing, 1,001 - 5,000 employees

It depends on what aspect of security you are talking about. I remember when we went initiated complex passwords that expired every 60 days. The number of passwords stored on Post-IT notes went through the roof (or on the monitor)

If you completely ignore user experience they may get very creative circumventing your “improved” security

Director of IT in Government, 10,001+ employees

There are examples of security controls being met with a method that degraded customer experience to the point of broader mission risk. Employees then spend much of their innovation and cognitive skills to find or develop work around. UX has to be at the table of discussion.

Director of Network Transformation, Self-employed

Security must be usable to be successful. So, yes, the UX side must be strongly accounted for!

Content you might like

In the next year, how do you expect your service delivery model to change for automation?

End-User Services & Collaboration Process Management

Increase59%

Stay the same39%

Decrease2%

253 PARTICIPANTS

662 views

There are so many types of social engineering attacks – how should we determine which ones to focus on for employee security awareness training?

Awareness & Training Threat & Vulnerability Management Security Strategy & Roadmap

Head of Information Security in Services (non-Government), 1,001 - 5,000 employees

You need to tell people what to expect and what not to expect from IT. We’ve tried to train people to expect that IT will do certain things or make requests which are okay to comply with, but IT will never call you out of ...read more

1 Reply

684 views2 Comments

If you had a magic wand - what's the #1 daily business challenge you'd eliminate?

People & Leadership Strategy & Architecture Cloud +57 more

CTO in Software, 201 - 500 employees

Without a doubt - Technical Debt! It's a ball and chain that creates an ever increasing drag on any organization, stifles innovation, and prevents transformation.

142 19 Replies

Does it actually make sense to have multiple cybersecurity point solutions that serve the same purpose? Or does that added complexity just weaken your overall security posture?

Security Strategy & Roadmap Threat & Vulnerability Management Threat Intelligence & Incident Response

Head of Information Security in Services (non-Government), 1,001 - 5,000 employees

It depends on how good the solution is at addressing your security needs. I lean towards simplifying the security stack, but in some cases existing solutions just don't provide the level of security that you need. If ...read more

350 views1 Comment

In terms of your incident response strategy, are employees required to have the org’s instant messaging platform (Teams, Slack, etc.) installed on their personal mobile device in case their computers become nonfunctional during an incident?

Threat Intelligence & Incident Response Resilience Security Strategy & Roadmap

Yes, all employees31%

Yes, but only for some employees53%

No15%

I’m not sure…1%

85 PARTICIPANTS

543 views1 Comment