First things first: I am not an expert in any of those fields but I am interested in information security, although I am a poor practitioner (didn’t I use my professional email address to register with Huridocs?)
A. It seems to me that physical security is naturally being enforced on an individual level by the person themselves. In general, people do care and try not to put themselves in risky situations when it comes to their own person. But when it comes to digital security, the picture is vastly different: they tend to have no ability to apply even the simplest defensive mechanisms; they completely surrender their trust to their machine (“My machine is secure enough, it is made by XXX”); or they even consciously undermine their own security (“Hahah, I am using a weak password and it worked”).
How can holistic security help to make the user more conscious and start to also enforce a kind of digital security? Or should it be used this way?
B. Digital security is already a concept that is hard to swallow (but “thanks” to WannaCry and the like, it seems that people are starting to slowly get it).
Is there any disadvantage in trying to blend digital and physical security into another concept?
C. The digital world is a place with its own laws, and sometimes it just vastly differs from the real world to the point it is hard to make any meaningful analogies.
Are there any instances or examples where we shouldn’t mix digital and physical security? Where do the two concepts not overlap?