In the Spring 2021 issue of the United States Cybersecurity Magazine, “Human Security Engineering: A New Model for Addressing the “User Problem” I highlighted the strategy of Human Security Engineering to address the User Initiated Loss (UIL). To summarize briefly, UIL is the concept that a user does not actually create a loss, but may initiate the possibility of the loss. The system has to allow the loss to be realized.
For example, even if a user clicks on ransomware, the system itself has to allow for the ransomware to load, execute, and then encrypt the drives. An initiated loss . . .