Wikipedia defines "good faith" as "a sincere intention to be fair, open, and honest, regardless of the outcome of the interaction." A person who acts in good faith must be truthful and forthcoming with information, even if it affects the end state of a negotiation or transaction. In other words, lying and withholding information, by their very nature, make an interaction anything but good faith.
For many security professionals, good faith is the only way they know how to operate. Unfortunately, the security profession, like any profession, has its share of bad faith actors, too. For example, consider a co-worker who is underperforming and introducing unnecessary risk into the security organization. In certain cases, underperformers will look to sabotage others rather than improve the quality of their work. Or, as another example, consider a bad faith actor who is out to gain competitive intelligence or other information that can be used for any number of purposes, including social engineering.
How can good faith security practitioners identify bad actors and understand when they're being taken advantage of? Here are five signs.
1. Information hoarding: Ever had a conversation, meeting, chat correspondence, or email exchange that feels more like an interrogation than a two-way exchange information? This is a well-known trick – and sign of – a bad faith actor. By the time most good faith actors catch on to the fact that the information flow is entirely one-way, they've already given the bad faith actor a wealth of information.
2. My way or the highway: As a generally rational bunch, good faith actors understand that life is a give and ta ..
Support the originator by clicking the read the rest link below.
