Cybersecurity professionals are caught between a rock and a hard place, as they are tasked with keeping systems and users secure while not hindering the business in any way. As organizations and consumers do more business online and in the cloud, user experience is becoming a top priority. As the founder and CTO of a compromised credential detection company, I've found that security efforts are often hindered in favor of a positive user experience. In the security world, the "tree-falls-in-the-forest" question is this:
If a user doesn’t turn on a security feature, does it really matter how much more secure it is?
https://www.forbes.com/sites/forbestechcouncil/2019/09/17/balancing-user-experience-with-security-overcoming-resistance-to-two-factor-authentication/#772b35ca3b0e/
