Sunday, November 26, 2006

Security Absurdity - Feedback

Thanks to Gene Spafford for a pointer to a post by Noam Eppel responding to the responses to his earlier post: Security Absurdity: The Complete, Unquestionable, and Total Failure of Information Security.

There's too much in these posts for me to reasonably summarize (beyond the subtitle), other than to say that he provides a ton of evidence that the security sky really is falling, and that it is up to security professionals to lead the rescue (if there is to be a rescue).

If one is going to write an article claiming a "total failure" of information security, one should expect some strong feedback. I was not sure what to expect - total disregard, complete agreement, outrage, or indifference. Thankfully, the majority of responses have been very positive. Whether or not you believe there has been a "total failure", there seems to be almost unanimous agreement that things are pretty bad out there, and the security community faces some significant challenges. It has been six months since my article was posted and sadly the security situation is only getting worse. The Cyberworld has progressed merely from the Wild West to the 1920s mob-controlled urban centers. Shortly after my Security Absurdity article was posted online, we witnessed a remarkable series of events when cybercriminals forced Blue Security, an innovative anti-spam security company, out of business. This incident demonstrated quite dramatically that cybercriminals are indeed currently winning the battle.
