Why Should I Care, I Don‘t Have Anything to Hide?

The information you are protecting may not be your own.

If there is a common conception about information security in the modern world, it is the conceit that information is primarily about personal privacy. Information security professionals will provide examples of personal data leaks that could be embarassing, harmful or costly, but—as with so many things—the individual risks from bad information security is disproportionate to the aggregate risks. For most people in most situations, poor information security’s threat is not to them personally, but from aggregation, as a threat vector, and through weakened “herd immunity.”

Why Should I Care, I Have Nothing to Hide…I Know Of?

Hackers may want information you don’t know you have, or intend to use information in ways you have not thought of.

Unsurprisingly, most people think they know what information they can and cannot access. After all, how could you know something and not know you know it? Trivially, “access” is not “knowledge.” After all, everyone reading this post can also access all information online, but they surely do not know all information online. Even with the information you know you—law abiding citizen—don’t think about information the way malicious actors might.