Designers need to take responsibility for cybersecurity.

Designers and product owners need to account for the increased attack surface area their products and services create. It is hard to say we practice human-centered design and then needlessly expose our users to infosec risk.

We no longer live in a world where an organization’s IT systems might be compromised. Everything can -and eventually will be- hacked.

We have to ask if our product or service needs to be internet enabled and if we need all the data we collect. Chances are the answer is no. We must take responsibility for reducing the risk for our customers.