Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Risk Management

Tech Giants, Researchers Team Up for “Simply Secure” Initiative

Google, Dropbox, the Open Technology Fund and several security researchers have joined forces for a new initiative that focuses on usable secure technologies.

Google, Dropbox, the Open Technology Fund and several security researchers have joined forces for a new initiative that focuses on usable secure technologies.

The organization, called Simply Secure, wants to work with security and privacy experts, software developers, designers and user-experience specialists for creating open source security tools that are easy to use even by less tech-savvy people.

Simply Secure is led by Sara “Scout” Sinclair Brody, a product management and usability consultant who previously worked for Google, contributing to projects like Android, two-factor authentication and uProxy.

“Simply Secure represents an exciting opportunity to bring together diverse groups in pursuit of an important goal: making security and privacy tools more user-friendly. This transparent, community-focused approach is new, and represents a compelling adaptation of the open-source model to interaction design. Usable security has been a passion of mine for the past ten years, and I’m thrilled to be leading such a wide-ranging and well-supported initiative,” Sinclair Brody said.

The organization’s advisory board includes Angela Sasse, head of information security research at University College London; author and activist Cory Doctorow; Apache Software Foundation Co-Founder and Google Security Engineer Ben Laurie; Ben Scott, senior advisor to the Open Technology Institute at the New America Foundation in Washington DC; Ian Goldberg, author of the OTR encryption protocol; and Wendy Seltzer, policy counsel to the World Wide Web Consortium (W3C).

Simply Secure was launched because while there are numerous security solutions that are efficient from a technical standpoint, many of them are difficult to use, which leads to low adoption rates.

“Encryption-based solutions could provide effective protection against threats that affect ordinary users: phishing, keylogging, eavesdropping. But most security solutions are security measures are ineffective because they are too complex or time-consuming – so people make mistakes and give up,” said Sasse. “That does not mean they don’t want effective protection – people prefer to use the Internet and mobile services without constant worries. Simply Secure will create solutions that provide effective protection, so users can have peace-of-mind without mental gymnastics or constant tedious housekeeping tasks.”

“If technology is secure but impossible to use, is it really secure? It’s a challenge to provide proven, open source tools to the public in ways that meet their high expectations and modern use cases. With its clear mission, an exceptional board, and a community-focused approach, we believe Simply Secure can bring us much closer to a world in which ubiquitous security is the norm,” said Meredith Whittaker, Open Source Research Lead at Google.

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...

Risk Management

A threat-based approach to security often focuses on a checklist to meet industry requirements but overlooked the key component of security: reducing risk.

Risk Management

CISA has published a report detailing the cybersecurity risks to the K-12 education system and recommendations on how to secure it.

Funding/M&A

More than 4,000 internet-accessible Pulse Connect Secure hosts are impacted by at least one known vulnerability, attack surface management firm Censys warns.

Cybersecurity Funding

2022 Cybersecurity Year in Review: Top news headlines and trends that impacted the security ecosystem

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...