Drivers for AppSec Programs Response Percent
Couching security as a direct “enablement” for new applications 30.4%
出典：SANS Institute (2015)
About One hundred years ago, the “unsinkable” Titanic foundered after striking an iceberg
off the coast of Newfoundland.
More than 1,500 people died in what became one of the deadliest maritime accidents ever.
Several factors contributed to this massive death toll,
but perhaps the most critical was that there simply weren’t enough lifeboats.
The ship carried 2,224 people, but fewer than half of them could squeeze into the boats.
As we know, passengers who didn’t get a spot in one of those lifeboats quickly died
in the freezing waters of the North Atlantic.
What’s less well known is that the Titanic’s supply of lifeboats was in full compliance
with the British marine regulations in force at time.
The law required the ship to carry 16 lifeboats; the Titanic actually had 20 lifeboats.
The ship’s owners did a good job of providing enough boats to address the regulatory
risk of noncompliance. Unfortunately, meeting regulatory requirements did little to
prevent the tragic loss of life.
This is a case of misperception of risk.