Browse Definitions :
Definition

security theater

Security theater is the practice of organizations or security teams implementing publicized or superficial measurements that create an atmosphere of safety that may only achieve the appearance of heightened security. While actual security processes can be measured based on the probability of various risks and how equipped a group is to handle them, security theater is based on a psychological feeling. The term was first coined by the computer security expert, Bruce Schneier, and has since been adapted to describe a variety of scenarios.

Without any mathematical basis, individuals can have psychological reactions to their assessment of potential risks in their lives and circumstances. In many situations, these can even be far removed from the actual calculated probability of these risks. An individual might feel more strongly at risk of certain kinds of threats than others based on the information they consume about those kinds of risks and their personal biases about them. Security theater is the purposeful attempt to create more positive feelings of safety, even in the complete absence of implementing measures that actually improve safety.

The psychology of security theater measures can have positive or adverse effects. They may have a positive effect by helping to thwart the spread of unnecessary fear, but at the same time a false feeling of security could make people less on their guard than they would normally be, actually lowering their security.

Examples of security theater

Some examples of measures that are considered security theater rather than authentic security include:

  • Security guards whose guns contain blanks.
  • Elaborate airport security systems that give an impression of being more thorough than they actually are, such as random individual searches.
  • Dummy security cameras that do not capture or broadcast actual footage.
  • Computer systems that hide their system features to make them seem less vulnerable to attacks.
  • Password strength policies that are not reinforced by IT staff.
  • Building access that is granted by an identification badge.
  • Tamper-evident seals on pill bottles or packaged goods.

Some of these measures may have a slight benefit to security, but ultimately security theater measures are more about making individuals feel better. In each of these instances, the security measure can be fairly easily circumvented. For example, a criminal could make a copy of an identification badge. However, in general the public still feels better having a superficial security barrier in place because it may still improve the probability that the people involved will stay safe.

This was last updated in April 2019

Continue Reading About security theater

Networking
  • network management system

    A network management system, or NMS, is an application or set of applications that lets network engineers manage a network's ...

  • host (in computing)

    A host is a computer or other device that communicates with other hosts on a network.

  • Network as a Service (NaaS)

    Network as a service, or NaaS, is a business model for delivering enterprise WAN services virtually on a subscription basis.

Security
  • WebAuthn API

    The Web Authentication API (WebAuthn API) is a credential management application program interface (API) that lets web ...

  • Common Vulnerability Scoring System (CVSS)

    The Common Vulnerability Scoring System (CVSS) is a public framework for rating the severity of security vulnerabilities in ...

  • Dridex malware

    Dridex is a form of malware that targets victims' banking information, with the main goal of stealing online account credentials ...

CIO
  • audit program (audit plan)

    An audit program, also called an audit plan, is an action plan that documents what procedures an auditor will follow to validate ...

  • blockchain decentralization

    Decentralization is the distribution of functions, control and information instead of being centralized in a single entity.

  • outsourcing

    Outsourcing is a business practice in which a company hires a third party to perform tasks, handle operations or provide services...

HRSoftware
  • team collaboration

    Team collaboration is a communication and project management approach that emphasizes teamwork, innovative thinking and equal ...

  • employee self-service (ESS)

    Employee self-service (ESS) is a widely used human resources technology that enables employees to perform many job-related ...

  • learning experience platform (LXP)

    A learning experience platform (LXP) is an AI-driven peer learning experience platform delivered using software as a service (...

Customer Experience
  • market segmentation

    Market segmentation is a marketing strategy that uses well-defined criteria to divide a brand's total addressable market share ...

  • sales pipeline

    A sales pipeline is a visual representation of sales prospects and where they are in the purchasing process.

  • market basket analysis

    Market basket analysis is a data mining technique used by retailers to increase sales by better understanding customer purchasing...

Close