Some companies make a business by providing security - airport security, building security, computer security, internet banking security and other types of security. They exaggerate the risks that can arise from lack of security and provide expensive solutions to solve these risks. They make a lot of profit from these solutions.
Apart from the high cost and burden to the businesses, which are passed to consumers, these security measures add to the hassle of life. Life is already so stressful and the excessive security measures make life more complicated.
If airport security is loosen, what will happen? Maybe a plane might fall to terrorists every few years. The number of people that is killed would still be quite small, compared to deaths by road accidents. I am not suggesting that the airport security be removed entirely. I am suggesting more sensible ways to implement security that is less costly, less troublesome and still quite effective.
I have the same observation for internet banking security. We have gone overboard in giving so many layers of security for small payments through bank transfer or credit cards. In the real world, the cash in my pocket can be easily stolen. Someone can take my check book and forge my signature. The real world carries more real risks than hacking through the internet. Why do we need to over-emphasize the security risks of computer systems?
The biggest scam is the y2k. Many consultants and accounting firms exaggerate the risks to computer systems that could occur when the date passes through midnight of 31 December 1999,. They pocketed hundred of millions of consultancy and security fees. Nothing happened when the world enters into the 1st second of 2000. The companies that paid the millions were conned, and they were too ashamed to admit it. The key people responsible for this waste were the regulators, who fell for the con and imposed strong requirements on the banks, insurance companies and other businesses to implement the y2k security measures.
I ask for the people responsible to use their common sense and evaluate the costs of prevention against the benefits of avoiding loss - i.e. to exercise risk management in a sensible way. If the cost is excessive, it is better to take the risk (i.e risk retention). If preventive measures have to be taken, choose the appropriate measures that are cost effective.
Tan Kin Lian
Subscribe to:
Post Comments (Atom)
0 comments:
Post a Comment