When I was in the US Navy, I learned most of the time, the weak points in security were usually people. Attackers know this and exploit it. And it usually wasn't movie plot style "do this or your wife gets it" exploits. Those seemed to get blown up easily. It was mundane things. Distracting a watch stander with something that was actually stupid. Making someone late for duty. Putting something really gross in the garbage hoping the inspector would skip that bag. So many little lapses in human judgement. Most completely innocent. This was with vigilant, uniformed people subject to military discipline, and those thing happened.
So you have to focus on process and systems. Some easy stuff:
* Never ask customers/employees for a password. If someone does it's a scam.
* Refund money only to the payment method used to pay for the product/service.
* 2FA is your friend no matter how much the VP of Sales whines about it.
* have a way to expire tokens and force reset of passwords.
What's the threat scenario where forcing a password reset increases security? I'm genuinely curious, because I feel it's often the case that password expirations might introduce more threats than they mitigate.
> Looking further ahead, we’re developing Intel 14A as a foundry node from the ground up in close partnership with large external customers. This is essential to designing a process that meets specific customer requirements and enables us to address a broader segment of the market. Going forward, our investment in Intel 14A will be based on confirmed customer commitments. There are no more blank checks. Every investment must make economic sense. We will build what our customers need, when they need it, and earn their trust through consistent execution.
are these large external customers in the room with us right now?