“Ransomware Doesn’t Scare Me; Listeria Does”
The risk of listeria is an incredibly concerning one which should not be dealt with lightly. In striving for automation and cost reduction, companies can often take the past of least resistance and lowest long-term cost while sacrificing security. As systems become more and more integrated, the stakes are higher than ever if a successful cyber attack hits core functions of a company.
It is not only cheese production that risks public safety in this situation. There are so many other companies who run terrible risks from water treatment and nuclear power plants to traffic light automation and air traffic controller systems. These systems if compromised could result in harming thousands if not millions of people. These would cause tragic disasters which may well end in huge numbers of casualties. I think we can all agree that any potential money savings that come from having these kinds of industries automated online in potential vulnerable over-networked systems are heavily outweighed by the potential risks. The critical parts of these systems should never be made accessible via Internet.
“Who Invited Her?”
We must acknowledge the fact that it took a lot of courage for Sarah to speak up in that situation especially given how contrarian her opinion was. She made a very valid point which was disregarded by everyone except the CEO. The fundamental issues here were that Sarah was in a position of inferior power compared to everyone in the room which means that it was easy for her to get dismissed, for her opinion to be perceived as insolent and aggressive, and her knowledge as lesser. The fact that she is a woman in a room full of men did not help. There has been a lot of research which shows that women who speak up are perceived negatively as opposed to men who are perceived positively as confidence. We must also give credit to the CEO for seeing the value in the idea and encouraging her to keep going. A weak leader would have been swayed by the reaction of all the derisory males in the room. Had the idea been ignored, other more costly or sub optimal solutions would have been discussed and I do not think the right decision would have been reached.
I do not think too much of this case study is applicable to my project. We are keeping user privacy front and center but our solution will likely not be linked to any mission critical systems which can cause massive social harm if they fail.
