Monday, February 07, 2005

Carl Landwehr on the need for security investment

An editorial in IEEE Security and Privacy points out that investments in computer security have not kept pace with those in other areas or the growth of the needs.

"It is as if we wished for processing, storage, and communications, but forgot to mention security or dependability. Of course, these changes didn’t happen magically or through some Faustian bargain. We invented, developed, marketed, and purchased the technologies with which we are now both blessed and cursed. We create puzzles for ourselves—but can we solve them?"

"The DOM [decimal order of magnitude] advances in other technologies have been fueled by a combination of research investment and market forces, stimulating both new knowledge and commercial innovation. Can these same forces improve security as well?"

"We must raise our sights. We don’t have to live in a world where patches and worms chase each other around the networks on which we depend... We built this puzzle, so we should remind ourselves occasionally that it’s in our power to reshape the pieces."

Labels: ,


Post a Comment