In an interview with eSecurity Planet, HP's Chief Technology Officer comes out strongly in favor of the expectation that users should take responsibility for the maintenance and operation of their computer systems.
"As individuals, we don't take responsibility for our own data and privacy," said Andrzej Kawalec, Global Chief Technology Officer at HP Enterprise Security Services. "We have locks on windows and doors at home
It's a good point, but the question remains: Where do you draw the line between the responsibility of the vendor (Microsoft, Apple, Adobe, Cisco, etc.) and the user?
The question is somewhat analogous to the automobile industry, in which carmakers are held to safety standards by government regulation — but users (drivers) also have to pass competency exams, obey laws, and maintain their vehicles. But the key flaw in that analogy, I think, is that Internet security is a lot more complicated than learning to drive, obeying the rules of the road, and keeping your tires properly inflated. (At least for non-technical users.)
What do you think? Should users be held to a higher standard of personal responsibility when it comes to online security?"